Add support for X-Permitted-Cross-Domain-Policies header

tpeczek / Lib.AspNetCore.Security

Lib.AspNetCore.Security is a library which provides security features like Content Security Policy, Strict Transport Security or Expect-CT for ASP.NET Core

MIT License

32 stars 5 forks source link

Add support for X-Permitted-Cross-Domain-Policies header #14

Closed tpeczek closed 7 years ago

tpeczek commented 7 years ago

HTTP header used for informing Adobe products (PDF, Flash) as to how to handle cross domain policies. Allowed directives:

none - No policy files are allowed anywhere on the target server, including this master policy file.
master-only - Only this master policy file is allowed.
by-content-type - Only policy files served with Content-Type: text/x-cross-domain-policy are allowed.
all - All policy files on this target domain are allowed.