Suggestion: Add some security

OrchardCMS / OrchardCore

Orchard Core is an open-source modular and multi-tenant application framework built with ASP.NET Core, and a content management system (CMS) built on top of that framework.

https://orchardcore.net

BSD 3-Clause "New" or "Revised" License

7.37k stars 2.38k forks source link

Suggestion: Add some security #1284

Closed VaclavElias closed 6 years ago

VaclavElias commented 6 years ago

https://channel9.msdn.com/Events/Connect/2017/E115

e.g. https://github.com/NWebsec/NWebsec

Some bits are generic some needs to be configure individually, examples:

app.UseHsts(options => options.MaxAge(365));
app.UseReferrerPolicy(options => options.SameOrigin());
  ...
app.UseXXssProtection(options => options.EnabledWithBlockMode());
app.UseXContentTypeOptions()

Follow up of #1250

VaclavElias commented 6 years ago

I see this is a duplicate #854 .