abpframework
AbpSecurityHeadersOptions not working properly.
Documentation
Please check the official documentation before asking questions: https://docs.abp.io
GitHub Issues
GitHub issues are for bug reports, feature requests, and other discussions about the framework.
If you're creating a bug/problem report, please include the followings:
- Your ABP Framework 7.3.1.
- Your Angular type
- Your database provider(EF Core)
the first implementation (not working as expected) app.UseAbpSecurityHeaders(); app.Use(async (context, next) => { context.Response.Headers.Add("Content-Security-Policy", "default-src 'self';connect-src 'self' wss://localhost:44376;style-src 'self'; script-src 'self' 'http://localhost:44352/';"); await next(); });
AND second way (Library is not available)
Configure<AbpSecurityHeadersOptions>(options => { options.UseContentSecurityPolicyHeader = true; //false by default });
AbpSecurityHeadersOptions is throwing not found error though other libs are loading.
public override void OnApplicationInitialization(ApplicationInitializationContext context)
{
var app = context.GetApplicationBuilder();
var env = context.GetEnvironment();
app.UseAbpSecurityHeaders();
Configure<AbpSecurityHeadersOptions>(options =>
{
options.UseContentSecurityPolicyHeader = true; //false by default
options.ContentSecurityPolicyValue = "object-src 'none'; form-action 'self'; frame-ancestors 'none'"; //default value
options.Headers["Referrer-Policy"] = "no-referrer";
});
I was trying to use the following:
page ref, but even after running the abp install-libs, I'm getting not found for AbpSecurityHeadersOptions.