Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / juunas11/aspnetcore-security-headers issues and pull requests

#81 - Why is child-src deprecated

Issue - State: open - Opened by niemyjski 2 months ago

#79 - nonce is generating with + symbol but .net core is encoding it

Issue - State: open - Opened by mohdyasar 9 months ago - 1 comment

#77 - Using Nonces with Blazor

Issue - State: open - Opened by Clive321A 10 months ago

#76 - Configure CSP in appsettings.json but want to set OnSendingHeader

Issue - State: open - Opened by litera 11 months ago - 1 comment

#74 - Add support for script-src-elem, script-src-attr, style-src-elem and …

Pull Request - State: open - Opened by PhenX over 1 year ago - 2 comments

#73 - Feature/5.0

Pull Request - State: closed - Opened by juunas11 over 1 year ago

#72 - Implemented support for AllowedHashes

Pull Request - State: closed - Opened by gps-lasrol over 1 year ago - 2 comments

#71 - Appending nonce to scripts added as strings

Issue - State: closed - Opened by jplatfordquba over 1 year ago - 1 comment

#70 - Alternative syntax

Issue - State: open - Opened by gatecrasher63 almost 2 years ago - 1 comment

#69 - Using SHA. How do I use it?

Issue - State: open - Opened by gatecrasher63 almost 2 years ago - 4 comments

#68 - Nonce is empty

Issue - State: closed - Opened by spaasis about 2 years ago - 2 comments

#67 - Feature/rename featurepolicy

Pull Request - State: closed - Opened by alexandrejulien about 2 years ago - 2 comments

#66 - Renaming header.

Pull Request - State: closed - Opened by alexandrejulien about 2 years ago

#65 - Rename header "Feature Policy" to "Permissions-Policy"

Issue - State: open - Opened by alexandrejulien about 2 years ago - 1 comment

#64 - add nonce attribute for devextreme components

Issue - State: open - Opened by Thabot011 about 2 years ago - 2 comments

#63 - Add Antiforgery Token to report violations post.

Issue - State: open - Opened by malylemire1 over 2 years ago - 1 comment

#62 - Path in ReportViolationsTo causes 404 when using IIS

Issue - State: open - Opened by Rakshasas over 2 years ago - 1 comment

#61 - Access the nonce value

Issue - State: closed - Opened by tlnorwood almost 3 years ago - 1 comment

#60 - Rename UseHsts to UseStrictTransportSecurity

Pull Request - State: closed - Opened by juunas11 almost 3 years ago

#59 - Feature/4.0

Pull Request - State: closed - Opened by juunas11 almost 3 years ago

#58 - feat(CSP): add 'trusted-types' CSP directive support

Pull Request - State: open - Opened by luber about 3 years ago - 1 comment

#57 - Add support of 'require-trusted-types-for' csp directive

Issue - State: open - Opened by luber about 3 years ago - 1 comment

#56 - Implemented Sha256Support instead of nonce

Pull Request - State: open - Opened by conradmicallef over 3 years ago - 1 comment

#55 - Added support for CSP report-to

Pull Request - State: open - Opened by daviddesmet over 3 years ago - 3 comments

#54 - Add CspReport Object

Issue - State: open - Opened by Matti-Koopa over 3 years ago - 1 comment

#53 - Add support for report-sample

Issue - State: open - Opened by j-hudecek almost 4 years ago - 1 comment

#52 - <div asp-validation-summary="All" ></div>

Issue - State: closed - Opened by V4A001 over 4 years ago - 2 comments

#51 - Usage with a single page application

Issue - State: open - Opened by TheKnarf almost 5 years ago - 3 comments

#50 - change namings of app builder extensions, added Joonasw to method names

Pull Request - State: closed - Opened by phreakmania about 5 years ago - 2 comments

#48 - Add report options to UseXXssProtection

Issue - State: open - Opened by jamesharling over 5 years ago - 1 comment

#46 - .NET Core 3.0 Issues

Issue - State: closed - Opened by MCFHTAGENTS over 5 years ago - 2 comments

#45 - Nonce not working in asp.net core mvc

Issue - State: open - Opened by Ephaltes over 5 years ago - 11 comments

#44 - Add .editorconfig

Pull Request - State: closed - Opened by MrMDavidson over 5 years ago - 1 comment

#43 - Adds support for "require-sri-for" value

Pull Request - State: closed - Opened by MrMDavidson over 5 years ago - 5 comments

#42 - Disable output of "upgrade-insecure-requests" in "report only" mode

Issue - State: open - Opened by mgroetan almost 6 years ago - 3 comments

#41 - Jpk/report to

Pull Request - State: open - Opened by jpknoll almost 6 years ago - 3 comments

#40 - Support new "report-to" directive and header.

Issue - State: open - Opened by jpknoll almost 6 years ago - 3 comments

#39 - Add Security Headers in Response.OnStarting

Issue - State: open - Opened by agilenut almost 6 years ago - 7 comments

#38 - Exclude Hsts middleware for asp.net core 2.2 version

Issue - State: closed - Opened by SychevIgor almost 6 years ago

#37 - packages update

Pull Request - State: closed - Opened by SychevIgor almost 6 years ago - 2 comments

#36 - What about 'data' URIs?

Issue - State: closed - Opened by Zettersten about 6 years ago - 1 comment

#35 - Partial view issue

Issue - State: closed - Opened by JandosKh about 6 years ago - 1 comment

#34 - Add support for manifest-src CSP directive

Pull Request - State: closed - Opened by MrMDavidson about 6 years ago - 1 comment

#33 - adding in changes for the nonce service

Pull Request - State: open - Opened by rhux over 6 years ago

#32 - CSP manifest-src directive not supported

Issue - State: closed - Opened by marcwittke over 6 years ago - 3 comments

#30 - Set up CI with Azure Pipelines

Pull Request - State: closed - Opened by azure-pipelines[bot] over 6 years ago

#29 - Add support for all security headers

Pull Request - State: closed - Opened by jcox86 over 6 years ago - 6 comments

#28 - Add support for all security headers

Issue - State: closed - Opened by jcox86 over 6 years ago

#27 - Add support for new prefetch-src header

Pull Request - State: closed - Opened by MrMDavidson over 6 years ago - 4 comments

#26 - Add support for `prefetch-src`

Issue - State: closed - Opened by MrMDavidson over 6 years ago - 2 comments

#25 - Strict-dynamic support for frames

Issue - State: closed - Opened by cfletcher over 6 years ago - 5 comments

#24 - Fix spelling error in strict dynamic test

Pull Request - State: closed - Opened by EspenG over 6 years ago - 1 comment

#22 - Add support for strict-dynamic

Pull Request - State: closed - Opened by EspenG over 6 years ago - 2 comments

#20 - asp.net core 2.1 UseHsts() naming conflict

Issue - State: open - Opened by dotnetshadow almost 7 years ago - 3 comments

#18 - RandomNumberGenerator.GetBytes is not thread-safe

Issue - State: closed - Opened by Flavien almost 7 years ago - 4 comments

#17 - Support base-uri directive

Issue - State: closed - Opened by Flavien almost 7 years ago - 1 comment

#16 - Add .NET Standard 2.0 support

Pull Request - State: closed - Opened by kant2002 about 7 years ago - 1 comment

#14 - Add support for checking response type before adding headers

Issue - State: open - Opened by juunas11 about 7 years ago - 1 comment

#13 - Attempt to solve #12: let application decide when to add the CSP header

Pull Request - State: closed - Opened by ahouben about 7 years ago - 3 comments

#12 - Let application decide when to add CSP http header

Issue - State: closed - Opened by ahouben about 7 years ago - 1 comment

#11 - Add frame-src and worker-src, obsolete child-src

Pull Request - State: closed - Opened by knightpfhor about 7 years ago - 2 comments

#10 - upgrade-insecure-requests

Issue - State: closed - Opened by ajeckmans over 7 years ago - 2 comments

#9 - Adding nonce to a div element with inline style

Issue - State: closed - Opened by henningst over 7 years ago - 4 comments

#8 - Allow dependency injection of options from configuration files

Pull Request - State: closed - Opened by awarrenlove over 7 years ago - 8 comments

#7 - Updated sample and test projects to use .NET Core 2.0.

Pull Request - State: closed - Opened by juunas11 over 7 years ago

#6 - Core 2.0 upgrade

Issue - State: closed - Opened by xperiandri over 7 years ago - 4 comments

#5 - Improve HSTS options

Pull Request - State: closed - Opened by juunas11 almost 8 years ago

#4 - HstsOptions should work with Timespan class

Issue - State: closed - Opened by MovGP0 almost 8 years ago - 4 comments

#3 - Add feature to add the X-header to the reponse.

Pull Request - State: closed - Opened by Gaulomatic almost 8 years ago - 1 comment

#2 - X-Content-Security-Policy

Issue - State: closed - Opened by Gaulomatic almost 8 years ago - 1 comment

#1 - Internet explorer compability?

Issue - State: open - Opened by ka-sundberg about 8 years ago - 1 comment