Closed DamianEdwards closed 7 years ago
What do you think about ways of implementation:
NWebsec also helps with CSP (https://en.wikipedia.org/wiki/Content_Security_Policy)
I started it in the msbuild-migrate branch already as middleware. It's not working AFAICT when I deploy to Azure so not sure what's wrong yet.
Fixed (finally) in 39c48c8cc830ad661fcf3f04024e057159a87755
Configure HSTS to enforce HTTPS in browsers. See https://www.troyhunt.com/understanding-http-strict-transport/