Skip to content

Commit 6c1d848

Browse files
Arnab-DeveloperArnab-Developer
committed
Merge branch 'master' into 253-add-author-name-in-blog-post
2 parents 0a3b01c + 8d566d6 commit 6c1d848

File tree

3 files changed

+19
-2
lines changed

3 files changed

+19
-2
lines changed

Directory.Packages.props

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,9 +29,10 @@
2929
<PackageVersion Include="Markdig" Version="0.41.3" />
3030
<PackageVersion Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="9.0.8" />
3131
<PackageVersion Include="Microsoft.Extensions.Options" Version="9.0.8" />
32-
<PackageVersion Include="NCronJob" Version="4.5.4" />
32+
<PackageVersion Include="NCronJob" Version="4.6.0" />
3333
<PackageVersion Include="ReverseMarkdown" Version="4.7.0" />
3434
<PackageVersion Include="System.ServiceModel.Syndication" Version="9.0.8" />
35+
<PackageVersion Include="NetEscapades.AspNetCore.SecurityHeaders" Version="1.1.0"/>
3536
</ItemGroup>
3637
<ItemGroup Label="Tests">
3738
<PackageVersion Include="Microsoft.AspNetCore.Mvc.Testing" Version="9.0.8" />
@@ -54,6 +55,6 @@
5455
</ItemGroup>
5556
<ItemGroup Label="Tools">
5657
<PackageVersion Include="CommandLineParser" Version="2.9.1" />
57-
<PackageVersion Include="Microsoft.Playwright" Version="1.54.0" />
58+
<PackageVersion Include="Microsoft.Playwright" Version="1.55.0" />
5859
</ItemGroup>
5960
</Project>

src/LinkDotNet.Blog.Web/LinkDotNet.Blog.Web.csproj

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@
1919
<PrivateAssets>all</PrivateAssets>
2020
</PackageReference>
2121
<PackageReference Include="Microsoft.Extensions.Options"/>
22+
<PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders"/>
2223
<PackageReference Include="ReverseMarkdown"/>
2324
<PackageReference Include="System.ServiceModel.Syndication"/>
2425
</ItemGroup>

src/LinkDotNet.Blog.Web/Program.cs

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66
using LinkDotNet.Blog.Web.RegistrationExtensions;
77
using Microsoft.AspNetCore.Builder;
88
using Microsoft.AspNetCore.Diagnostics.HealthChecks;
9+
using Microsoft.Extensions.DependencyInjection;
910
using Microsoft.Extensions.Hosting;
1011

1112
namespace LinkDotNet.Blog.Web;
@@ -25,6 +26,18 @@ public static async Task Main(string[] args)
2526

2627
private static void RegisterServices(WebApplicationBuilder builder)
2728
{
29+
builder.Services.AddSecurityHeaderPolicies()
30+
.SetDefaultPolicy(p =>
31+
p.AddDefaultSecurityHeaders()
32+
.AddCrossOriginEmbedderPolicy(policy => policy.UnsafeNone())
33+
.AddPermissionsPolicy(policy =>
34+
{
35+
policy.AddCamera().None();
36+
policy.AddMicrophone().None();
37+
policy.AddGeolocation().None();
38+
}))
39+
.AddPolicy("API", p => p.AddDefaultApiSecurityHeaders());
40+
2841
builder.Services
2942
.AddHostingServices()
3043
.AddConfiguration()
@@ -49,6 +62,8 @@ private static void RegisterServices(WebApplicationBuilder builder)
4962

5063
private static void ConfigureApp(WebApplication app)
5164
{
65+
app.UseSecurityHeaders();
66+
5267
if (app.Environment.IsDevelopment())
5368
{
5469
app.UseDeveloperExceptionPage();

0 commit comments

Comments
 (0)