search

ubeac / ubeac-api

Source of uBeac .NET Core packages
3 stars 2 forks source link

Implement CORS and HSTS #118

Closed ilhesam closed 2 years ago

ilhesam commented 2 years ago

Added getting CORS and HSTS options from JSON configuration files.

How to use?

cors.json:

{
  "CorsPolicy": {
    "Name": "Development",
    "Headers": [ "*" ],
    "Methods": [ "*" ],
    "Origins": [ "*" ]
  }
}

hsts.json:

{
  "Hsts": {
    "Preload": true,
    "IncludeSubDomains": true,
    "MaxAge": 60,
    "ExcludedHosts": [ "example.com", "www.example.com" ]
  }
}

Program.cs:

// Adding CORS
var corsPolicyOptions = builder.Configuration.GetSection("CorsPolicy");
builder.Services.AddCorsPolicy(corsPolicyOptions);

// Adding HSTS
var hstsOptions = builder.Configuration.GetSection("Hsts");
builder.Services.AddHttpsPolicy(hstsOptions);

// Using CORS middleware
app.UseCorsPolicy(corsPolicyOptions);

// Using HSTS middleware
app.UseHstsOnProduction(builder.Environment);