-
Notifications
You must be signed in to change notification settings - Fork 9
X Xss Protection
Stefan Ossendorf edited this page Sep 19, 2014
·
7 revisions
It's quite easy to use the X-Xss-Protection header.
There are two ways to configure the header:
Remark OWIN buildfunc signature:
AppFunc = Func<IDictionary<string, object>, Task>;
BuildFunc = Action<Func<IDictionary<string, object>, Func<AppFunc, AppFunc>>>;To use the extension method you have to use one of the following using statements:
using SecurityHeadersMiddleware;
using SecurityHeadersMiddleware.OwinAppBuilder;IAppBuilder appbuilder;
BuildFunc buildFunc;
// Add X-Xss-Protection: 1; mode=block
buildFunc.XssProtectionHeader();
appbuilder.XssProtectionHeader();
// Add X-Xss-Protection: 0
buildFunc.XssProtectionHeader(disabled: true);
appbuilder.XssProtectionHeader(disabled: true);