Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / NWebsec/NWebsec issues and pull requests

#200 - OIDC error

Issue - State: closed - Opened by daver77 over 1 year ago

#199 - Bump jQuery.Validation from 1.17.0 to 1.19.3 in /src/MvcClassic

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago
Labels: dependencies

#198 - Bump Newtonsoft.Json from 12.0.2 to 13.0.2 in /src/MvcClassic

Pull Request - State: open - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies

#197 - Add support for the latest .net/.net standard

Issue - State: open - Opened by timhoekstra about 2 years ago - 1 comment

#196 - Add support for "unsafe-hashes"

Issue - State: open - Opened by timeverts about 2 years ago - 1 comment

#195 - Bump Microsoft.Owin from 4.1.0 to 4.2.2 in /src/MvcClassic

Pull Request - State: open - Opened by dependabot[bot] about 2 years ago
Labels: dependencies

#194 - Bump Microsoft.Owin from 4.1.0 to 4.1.1 in /src/MvcClassic

Pull Request - State: closed - Opened by dependabot[bot] about 2 years ago - 1 comment
Labels: dependencies

#193 - Csp header not set when using UseStatusCodePagesWithReExecute.

Issue - State: closed - Opened by malylemire1 about 2 years ago - 1 comment

#192 - Bump Newtonsoft.Json from 12.0.2 to 13.0.1 in /src/MvcClassic

Pull Request - State: closed - Opened by dependabot[bot] over 2 years ago - 1 comment
Labels: dependencies

#191 - Allow nonce for script only?

Issue - State: open - Opened by dt21x over 2 years ago

#190 - Migrate to netstandard2.1

Pull Request - State: closed - Opened by darlov over 2 years ago

#189 - Add support for Permissions-Policy header in ASP.NET Core

Pull Request - State: open - Opened by jonms90 over 2 years ago - 1 comment

#188 - Only return CSP for document requests

Issue - State: open - Opened by carlin-q-scott over 2 years ago - 2 comments

#187 - work in blazor WebAssembly project

Issue - State: open - Opened by BamdadTabari almost 3 years ago

#185 - Support for Permissions-Header?

Issue - State: open - Opened by VILLAN3LL3 almost 3 years ago

#184 - NWebSec Sample Projects

Pull Request - State: open - Opened by BamdadTabari almost 3 years ago

#182 - Path restrictions for script-src?

Issue - State: open - Opened by chrischu about 3 years ago - 4 comments

#180 - CspReport Disposition value is not exposed by CspReportDetails

Issue - State: open - Opened by bkqc over 3 years ago

#179 - How to enable nonce on style attributes

Issue - State: open - Opened by joshbinney over 3 years ago

#178 - UseCsp with Script block pages on redirect

Issue - State: open - Opened by pampua84 over 3 years ago

#177 - Assembly reference version warning

Issue - State: open - Opened by arc95 over 3 years ago

#176 - Csp - multiple urls not working

Issue - State: open - Opened by phil123456 over 3 years ago - 5 comments

#175 - If URL provided as absolute with no scheme specified add request schema

Pull Request - State: open - Opened by lafriks over 3 years ago - 2 comments

#174 - Non-MVC WebForms ASPX .Net 4.6.1 - Basic configuration not working.

Issue - State: closed - Opened by bxsingh1 over 3 years ago - 6 comments

#173 - What does "enableBuiltinHandler" in web.config actually do?

Issue - State: open - Opened by hobbes-visionfriendly-com almost 4 years ago - 1 comment

#172 - Target net5.0

Issue - State: open - Opened by klauco almost 4 years ago - 3 comments

#170 - Added support for 'allow-downloads' attribute for CSP sandbox directive

Pull Request - State: open - Opened by MarkSizer about 4 years ago - 1 comment

#169 - CSP Middleware multiple custom sources

Issue - State: closed - Opened by muni20 over 4 years ago - 2 comments

#167 - Ability to add nonce without TagHelper?

Issue - State: closed - Opened by dotnetshadow over 4 years ago - 5 comments

#166 - Everything is internal in your middleware

Issue - State: open - Opened by waynebrantley over 4 years ago

#165 - Session ID Not Generated On Initial Page Load (.NET FW 4.7.2)

Issue - State: closed - Opened by PRISMAY over 4 years ago - 2 comments

#164 - Add support for Razor Pages

Issue - State: open - Opened by ArturDorochowicz over 4 years ago - 2 comments

#163 - Bug In SchemeOnlyRegex String

Issue - State: closed - Opened by lanfear over 4 years ago - 2 comments

#162 - Default/Script Self() Bug?

Issue - State: closed - Opened by cgountanis over 4 years ago - 2 comments

#161 - Support for feature-policy: None, etc...?

Issue - State: open - Opened by cgountanis over 4 years ago - 1 comment

#160 - Target ASP.NET Core 3.1 to fix #150

Pull Request - State: closed - Opened by klings over 4 years ago

#159 - CSP with Bootstrap 4 DefaultSources/ImageSources

Issue - State: closed - Opened by cgountanis over 4 years ago - 2 comments

#158 - Non-MVC WebForms ASPX Support

Issue - State: closed - Opened by cgountanis almost 5 years ago - 3 comments

#157 - Remove HPKP

Issue - State: closed - Opened by klings almost 5 years ago

#156 - Add support for Cross-Origin Resource Policy (CORP)

Issue - State: open - Opened by klings almost 5 years ago

#155 - dotnet core 3.1 UseReferrerPolicy issue

Issue - State: closed - Opened by Staggerlee011 almost 5 years ago - 1 comment

#154 - adding nonce to link and script fallback tag helpers

Issue - State: open - Opened by crittag almost 5 years ago

#153 - add support for CSP navigate-to directive

Issue - State: open - Opened by harishrathi almost 5 years ago

#152 - Bump Microsoft.AspNetCore.All from 2.0.5 to 2.0.9 in /src/Mvc

Pull Request - State: closed - Opened by dependabot[bot] almost 5 years ago - 1 comment
Labels: dependencies

#151 - Bump bootstrap from 3.0.0 to 3.4.1 in /src/MvcClassic

Pull Request - State: closed - Opened by dependabot[bot] almost 5 years ago - 1 comment
Labels: dependencies

#150 - ASP.NET Core 3 support

Issue - State: closed - Opened by DOMZE about 5 years ago - 12 comments

#149 - How to configure an unsafe-eval using the OWIN fluent configuration?

Issue - State: closed - Opened by bounav about 5 years ago - 3 comments

#148 - <script nws-csp-add-nonce="true"> not working ASP.NET Core 2.1

Issue - State: closed - Opened by alcastronava about 5 years ago - 2 comments

#147 - nonce

Issue - State: closed - Opened by alcastronava about 5 years ago

#146 - nonce attribute in CSP header

Issue - State: closed - Opened by anawale over 5 years ago - 1 comment

#145 - Add support for excluding routes

Issue - State: open - Opened by Newmski over 5 years ago

#144 - Support to script-src-elem

Issue - State: open - Opened by prainho over 5 years ago - 1 comment

#143 - CustomSources ms-appx-web: causes exception

Issue - State: closed - Opened by prainho over 5 years ago - 2 comments

#142 - [Csp] Attribute not inherited by child controller

Issue - State: closed - Opened by Phoenix359 over 5 years ago

#141 - XSS add report URI support

Pull Request - State: closed - Opened by espenrl over 5 years ago - 1 comment

#140 - Expired SSL Cert on www.nwebsec.com

Issue - State: closed - Opened by robinbihun over 5 years ago - 2 comments

#139 - Asp.net core packages update

Pull Request - State: closed - Opened by SychevIgor over 5 years ago - 1 comment

#138 - Add support for CSP script-src 'report-sample'

Issue - State: open - Opened by Sora2455 over 5 years ago - 1 comment

#137 - WebHint: The directive "must-revalidate" is not recommended

Issue - State: open - Opened by espenrl almost 6 years ago

#135 - Add Support for the new Report-To HTTP Header

Issue - State: open - Opened by RehanSaeed almost 6 years ago

#134 - About new security header: Feature Policy

Issue - State: open - Opened by zoze about 6 years ago - 4 comments

#133 - XContentTypeOptionsMiddleware is failing Webhint.io/scanner

Issue - State: open - Opened by aligneddev about 6 years ago - 3 comments

#132 - .net core 2.0 appsettings support?

Issue - State: open - Opened by dotnetshadow over 6 years ago

#131 - Support CSP img-src unsafe-inline

Issue - State: closed - Opened by luhis over 6 years ago - 1 comment

#130 - Nonce length -

Issue - State: closed - Opened by OutdoorEdLLC over 6 years ago

#129 - Support report on X-Xss-Protection

Issue - State: closed - Opened by credfeto over 6 years ago - 2 comments

#128 - Support multiple policies for a resource

Issue - State: open - Opened by i4rilu over 6 years ago - 4 comments

#127 - Bug in 5.1.0 release: The configuration element 'style-src' is not valid

Issue - State: closed - Opened by i4rilu over 6 years ago - 1 comment

#126 - Provide option to re-set CSP Header

Issue - State: open - Opened by twenzel over 6 years ago - 7 comments

#125 - Issue with style-src in Web.config

Issue - State: closed - Opened by dwaxweiler over 6 years ago - 3 comments

#124 - CSP implement unsafe-hashed-attributes

Issue - State: open - Opened by klings over 6 years ago

#123 - Nonces are not working with ResponseCompression

Issue - State: closed - Opened by twenzel over 6 years ago - 1 comment

#122 - Child-src being deprecated => how to declare worker-src ?

Issue - State: closed - Opened by lgmorand over 6 years ago - 3 comments

#120 - CspNonceTagHelper does not work on iframe

Issue - State: closed - Opened by prochnowc almost 7 years ago - 1 comment

#119 - .NET Core 2.0 support

Issue - State: closed - Opened by programmersommer almost 7 years ago - 3 comments

#118 - Add Referrer-Policy via web.config

Issue - State: closed - Opened by Matheis92 almost 7 years ago - 2 comments

#117 - Added basic config for setting 'strict-dynamic' for CSP

Pull Request - State: closed - Opened by RiLaRos almost 7 years ago

#116 - Should requirePermission be true?

Issue - State: closed - Opened by arc95 almost 7 years ago - 1 comment

#115 - Which HTTP headers does SetNoCacheHttpHeadersAttribute() add?

Issue - State: closed - Opened by arc95 almost 7 years ago - 1 comment

#109 - X-Frame-Options Allow-From?

Issue - State: closed - Opened by escar about 7 years ago - 4 comments

#108 - Automatically generating NWebsecSessionAuthenticationKey at application start

Issue - State: closed - Opened by etm-admin about 7 years ago - 1 comment

#107 - Added support for Expect-CT header

Pull Request - State: closed - Opened by andersosthus about 7 years ago - 1 comment

#106 - fix #97

Pull Request - State: closed - Opened by schulz3000 about 7 years ago - 1 comment

#105 - Strong Name Signed version

Issue - State: closed - Opened by Astimus about 7 years ago - 7 comments

#100 - Add support for CSP hashes

Issue - State: closed - Opened by RehanSaeed over 7 years ago - 13 comments

#99 - Implement Expect-CT HTTP Header

Issue - State: closed - Opened by RehanSaeed over 7 years ago - 1 comment

#98 - CSP strict-dynamic directive aspnet4

Issue - State: closed - Opened by klings over 7 years ago - 1 comment

#97 - Update referrer policy HtmlHelper NWebsec aspnet4

Issue - State: closed - Opened by klings over 7 years ago

#89 - Support 'require-sri-for' in Content-Security-Policy

Issue - State: open - Opened by RehanSaeed almost 8 years ago - 8 comments
Labels: feature, csp

#83 - UseCsp.... load from string?

Issue - State: closed - Opened by alexdresko about 8 years ago - 2 comments

#73 - Subresource Integrity

Issue - State: closed - Opened by RehanSaeed almost 9 years ago - 2 comments

#55 - Programmatic configuration?

Issue - State: closed - Opened by alexdresko over 9 years ago - 10 comments