Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / andrewlock/NetEscapades.AspNetCore.SecurityHeaders issues and pull requests
#198 - Make nonce generation lazy
Pull Request -
State: closed - Opened by andrewlock 2 days ago
#197 - Mark ExpectCTHeader as obsolete
Pull Request -
State: closed - Opened by andrewlock 2 days ago
#196 - Version bump
Pull Request -
State: closed - Opened by andrewlock 2 days ago
#195 - Add logo
Pull Request -
State: closed - Opened by andrewlock 2 days ago
#194 - Security Headers Logo
Issue -
State: closed - Opened by khalidabuhakmeh 3 days ago
- 2 comments
#193 - Build updates
Pull Request -
State: closed - Opened by andrewlock 3 days ago
#192 - Full CSP Header only added on first request after app start
Issue -
State: closed - Opened by wiedikerli 4 days ago
#191 - Mark xss protection obsolete
Pull Request -
State: closed - Opened by andrewlock 5 days ago
#190 - Major version bump
Pull Request -
State: closed - Opened by andrewlock 12 days ago
#189 - .Net 9 Blazor importmap sha creation
Issue -
State: closed - Opened by ghidello 13 days ago
- 8 comments
#188 - Update readme based on latest
Pull Request -
State: closed - Opened by andrewlock 14 days ago
#187 - Mark FeaturePolicy as obsolete
Pull Request -
State: closed - Opened by andrewlock 14 days ago
#186 - Remove "document header" functionality in favour of policy selector
Pull Request -
State: closed - Opened by andrewlock 14 days ago
#185 - Significant refactor of applying custom policies
Pull Request -
State: closed - Opened by andrewlock 14 days ago
#184 - Update defaults again
Pull Request -
State: closed - Opened by andrewlock 14 days ago
#183 - Update default policies
Pull Request -
State: closed - Opened by andrewlock 14 days ago
#182 - Fix typos in permissions policy documentation
Pull Request -
State: closed - Opened by andrewlock 14 days ago
#181 - Bump version
Pull Request -
State: closed - Opened by andrewlock 17 days ago
#181 - Bump version
Pull Request -
State: closed - Opened by andrewlock 17 days ago
#180 - Fix using obsolete version of action
Pull Request -
State: closed - Opened by andrewlock 17 days ago
#180 - Fix using obsolete version of action
Pull Request -
State: closed - Opened by andrewlock 17 days ago
#179 - Allow adding multiple uris to CSP builder `AddFrameAncestors()`
Pull Request -
State: closed - Opened by andrewlock 20 days ago
#179 - Allow adding multiple uris to CSP builder `AddFrameAncestors()`
Pull Request -
State: closed - Opened by andrewlock 20 days ago
#178 - Content Security Policy Frame Ancestors builder doesn't allow multiple URIs in single call
Issue -
State: closed - Opened by JackGilmore 20 days ago
- 3 comments
#177 - Adds new Permissions Policies
Pull Request -
State: closed - Opened by Registeel 24 days ago
- 6 comments
#177 - Adds new Permissions Policies
Pull Request -
State: closed - Opened by Registeel 24 days ago
- 6 comments
#176 - Update Features to Latest Available
Issue -
State: closed - Opened by Registeel 24 days ago
- 6 comments
#175 - Add Public API tests
Pull Request -
State: closed - Opened by andrewlock 25 days ago
#175 - Add Public API tests
Pull Request -
State: closed - Opened by andrewlock 25 days ago
#174 - Allow cutsomizing the headers per request
Pull Request -
State: closed - Opened by andrewlock 26 days ago
#174 - Allow cutsomizing the headers per request
Pull Request -
State: closed - Opened by andrewlock 26 days ago
#173 - Endpoint security middleware
Pull Request -
State: closed - Opened by andrewlock 28 days ago
#173 - Endpoint security middleware
Pull Request -
State: closed - Opened by andrewlock 28 days ago
#172 - Allow specifying different properties for endpoints
Pull Request -
State: closed - Opened by andrewlock 30 days ago
#172 - Allow specifying different properties for endpoints
Pull Request -
State: closed - Opened by andrewlock 30 days ago
#171 - Bump minimum dep to 3.1
Pull Request -
State: closed - Opened by andrewlock about 1 month ago
#171 - Bump minimum dep to 3.1
Pull Request -
State: closed - Opened by andrewlock about 1 month ago
#170 - Add demo of adding hashes for fallback scripts to demo site
Pull Request -
State: closed - Opened by andrewlock about 1 month ago
#170 - Add demo of adding hashes for fallback scripts to demo site
Pull Request -
State: closed - Opened by andrewlock about 1 month ago
#169 - Make adding directives to the CSP idempotent to avoid duplicates
Pull Request -
State: closed - Opened by andrewlock about 1 month ago
#168 - Remove X-XSS-Protection from default headers
Pull Request -
State: closed - Opened by andrewlock about 1 month ago
#168 - Remove X-XSS-Protection from default headers
Pull Request -
State: closed - Opened by andrewlock about 1 month ago
#167 - Drop support for .NET FX, update minimum to .NET Core 2.1
Pull Request -
State: closed - Opened by andrewlock about 1 month ago
#166 - Update SDK version
Pull Request -
State: closed - Opened by andrewlock about 1 month ago
#165 - Changed OnResponseStarting method
Pull Request -
State: closed - Opened by castilhera about 2 months ago
- 1 comment
#164 - Adding reporting endpoints for uriports.com
Issue -
State: closed - Opened by daver77 about 2 months ago
- 1 comment
#163 - Remove X-XSS-Protection from defaults
Issue -
State: closed - Opened by EddyCwdry 2 months ago
- 1 comment
#162 - Add support for `unsafe-hashes` on `style` attributes, and inline event handlers (fixes #155)
Pull Request -
State: closed - Opened by tiesmaster 3 months ago
- 8 comments
#161 - Bump version
Pull Request -
State: closed - Opened by andrewlock 4 months ago
#160 - Please create a new release
Issue -
State: closed - Opened by the-gabe 4 months ago
- 2 comments
#159 - CSS failing CSP using nonce when not white-listed
Issue -
State: closed - Opened by daver77 4 months ago
- 2 comments
#158 - asp-add-nonce output does not match the CSP nonce
Issue -
State: closed - Opened by daver77 4 months ago
- 1 comment
#157 - Nonce only for external scripts, but keep self scripts without nonce
Issue -
State: open - Opened by antondim 4 months ago
#157 - Nonce only for external scripts, but keep self scripts without nonce
Issue -
State: closed - Opened by antondim 4 months ago
- 1 comment
#156 - DDOS / honeypot, protect register / login page
Issue -
State: closed - Opened by fasteddys 5 months ago
- 1 comment
#155 - Consider adding support for unsafe-hashes for `style` attributes with the HashTagHelper
Issue -
State: closed - Opened by tiesmaster 6 months ago
- 12 comments
#154 - Tag Helper in Blazor
Issue -
State: closed - Opened by zemiguell 6 months ago
- 1 comment
#153 - Added support for `Cross-Origin-Embedder-Policy: credentialless`
Pull Request -
State: closed - Opened by RaceProUK 6 months ago
- 1 comment
#152 - Corrected Copy/Paste errors in comments
Pull Request -
State: closed - Opened by ThomasBjallas 7 months ago
- 1 comment
#151 - How can I add the asp-add-nonce to html elements with the style attribute?
Issue -
State: closed - Opened by HaichH 8 months ago
#150 - Project is not Strong-name signed
Issue -
State: closed - Opened by josteink 8 months ago
- 3 comments
#149 - Can't use None() with ReportSample()
Issue -
State: closed - Opened by ArturDorochowicz about 1 year ago
- 2 comments
#148 - [Question] How do I disable StyleSrc on a page?
Issue -
State: closed - Opened by vzsoft about 1 year ago
- 1 comment
#147 - Make CspDirectiveBuilder methods idempotent
Issue -
State: closed - Opened by kimbell about 1 year ago
- 2 comments
#146 - [Question] Customizing when security headers are applied
Issue -
State: closed - Opened by forrestab about 1 year ago
- 7 comments
#145 - CSP on Static Files
Issue -
State: closed - Opened by DaleMckeown about 1 year ago
- 3 comments
#144 - Installing the package gives an error for Blazor WASM .NET 7.0
Issue -
State: closed - Opened by goodchaitanya about 1 year ago
- 4 comments
#143 - Bump Version
Pull Request -
State: closed - Opened by andrewlock about 1 year ago
#142 - Add support for style-src-attr, style-src-elem, script-src-attr, and script-src-elem
Pull Request -
State: closed - Opened by andrewlock about 1 year ago
#141 - X-XSS-Protection should not be enabled by default
Issue -
State: closed - Opened by RichardD2 about 1 year ago
- 4 comments
#140 - docs: correct dotnet add package
Pull Request -
State: closed - Opened by johnnyreilly about 1 year ago
- 1 comment
#139 - Add support for script-src-attr, script-src-elem, style-src-attr, style-src-elem
Issue -
State: closed - Opened by memoryhash over 1 year ago
- 1 comment
#138 - Add support for trusted-types and require-trusted-types-for
Issue -
State: open - Opened by memoryhash over 1 year ago
- 2 comments
#137 - Question: Chaining from ScriptSourceDirectiveBuilder and adding that to builder
Issue -
State: closed - Opened by daver77 over 1 year ago
- 2 comments
#136 - README not updated with recent policy changes
Issue -
State: closed - Opened by scara over 1 year ago
- 2 comments
#135 - OIDC error
Issue -
State: closed - Opened by daver77 over 1 year ago
- 3 comments
#134 - Expose DocumentHeaderContentTypePrefixes as a collection?
Issue -
State: closed - Opened by Aaron-P over 1 year ago
- 1 comment
#133 - Question: Response Headers missing in API calls
Issue -
State: closed - Opened by damienbod over 1 year ago
- 6 comments
#132 - Drop support for old Frameworks
Issue -
State: closed - Opened by madhon over 1 year ago
- 6 comments
#131 - Bump version to 0.18.0
Pull Request -
State: closed - Opened by andrewlock over 1 year ago
#130 - Optionally apply html headers to all document headers
Pull Request -
State: closed - Opened by andrewlock almost 2 years ago
#129 - Update stylecop
Pull Request -
State: closed - Opened by andrewlock almost 2 years ago
#128 - Add support for Reporting-Endpoints header
Pull Request -
State: closed - Opened by andrewlock almost 2 years ago
#127 - Add support for sandbox directive
Pull Request -
State: closed - Opened by andrewlock almost 2 years ago
#126 - Add support for `Report-To` directive
Pull Request -
State: closed - Opened by andrewlock almost 2 years ago
#125 - Add support for `unsafe-hashes` and `wasm-unsafe-eval`
Pull Request -
State: closed - Opened by andrewlock almost 2 years ago
#124 - The report-uri directive has ben deprecated in favor of the new report-to directive
Issue -
State: closed - Opened by quartilesoftware almost 2 years ago
- 2 comments
#123 - Change to the new version tuple naming in SecurityHeadersMiddleware
Pull Request -
State: closed - Opened by aligholipour about 2 years ago
- 1 comment
#123 - Change to the new version tuple naming in SecurityHeadersMiddleware
Pull Request -
State: closed - Opened by aligholipour about 2 years ago
- 1 comment
#122 - Make CrossOriginEmbedderPolicyHeader a HeaderPolicyBase
Pull Request -
State: closed - Opened by andrewlock over 2 years ago
#122 - Make CrossOriginEmbedderPolicyHeader a HeaderPolicyBase
Pull Request -
State: closed - Opened by andrewlock over 2 years ago
#121 - Set headers on static files
Issue -
State: closed - Opened by rogerfar over 2 years ago
- 3 comments
#121 - Set headers on static files
Issue -
State: closed - Opened by rogerfar over 2 years ago
- 3 comments
#120 - Not working
Issue -
State: closed - Opened by mihaimyh over 2 years ago
- 1 comment
#119 - Allow setting Content Security Policy header on non-HTML responses (such as from an API)
Issue -
State: closed - Opened by schmidlkofer over 2 years ago
- 8 comments
#118 - Fix header being generated on every request when caching is enabled.
Pull Request -
State: closed - Opened by lawrencek76 over 2 years ago
- 2 comments
#117 - Should not create a new nonce / headers for cached responses
Issue -
State: closed - Opened by lawrencek76 over 2 years ago
- 1 comment
#116 - How do I add multiple entries to the same directive?
Issue -
State: closed - Opened by MrSuttonmann almost 3 years ago
- 1 comment
#115 - Can't get asp-add-nonce to display a nonce
Issue -
State: closed - Opened by aderrose almost 3 years ago
- 5 comments
#114 - Dynamic paths for report-uri
Issue -
State: closed - Opened by kimbell almost 3 years ago
- 2 comments