ByteGuard.SecurityHeaders 0.1.0

There is a newer prerelease version of this package available.
See the version list below for details.

ByteGuard.SecurityHeaders

ByteGuard.SecurityHeaders is a lightweight security-focused middleware package for adding a baseline set of security response headers to ASP.NET Core projects.

It gives you:

  • A single app.UseDefaultApiSecurityHeaders() call to apply sane defaults
  • OWASP-inspired header values based on the REST Security Cheat Sheet
  • An Enforce option to ensure the standard values are applied even if set elsewhere

⚠️ Important: This package is one layer in a defense-in-depth strategy.
It does not replace proper authentication/authorization, input validation, TLS configuration, CORS hardening, or other security controls.

Features

  • ✅ Add default security headers to every response
  • ✅ OWASP-inspired defaults for REST APIs
  • ✅ Non-breaking by default (does not override existing headers)
  • ✅ Optional enforcement mode to overwrite existing values
  • ✅ Minimal setup (UseDefaultApiSecurityHeaders)

Getting Started

Installation

This package is published and installed via NuGet.

Reference the package in your project:

dotnet add package ByteGuard.SecurityHeaders

Usage

Basic Usage

Add the middleware early in your pipeline:

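var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllers();

var app = builder.Build();

// Register before the endpoints so every response passes through the middleware.
app.UseDefaultApiSecurityHeaders();

app.MapControllers();
app.Run();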

Enforce standard header values

By default, the middleware will not override headers that are already present. If you want to ensure the standard values are always used (even if other middleware/controllers set them), enable enforcement:

app.UseDefaultApiSecurityHeaders(options =>
{
    options.Enforce = true;
});

Headers Added

The middleware adds the following headers based on the OWASP REST Security Cheat Sheet:

  • Cache-Control: no-store
  • Content-Security-Policy: frame-ancestors 'none'
  • X-Content-Type-Options: nosniff
  • X-Frame-Options: DENY

Note: Enforce = false uses "add-if-missing" behavior. Enforce = true overwrites any existing value for the headers above.
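To make the two modes concrete, here is an added sketch that is not ByteGuard.SecurityHeaders source code: a hand-written middleware that models add-if-missing versus overwrite for the four headers listed above. The names `BaselineHeaders`, `UseBaselineHeaders` and the `/report` endpoint are hypothetical, and the use of `Response.OnStarting` is an assumption about how such a middleware can see values set by later components.

```csharp
// Added illustration; not the package's implementation.
// Assumes an ASP.NET Core web project with implicit usings enabled.
var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();

// Flip to true to model Enforce = true.
app.UseBaselineHeaders(enforce: false);

// Hypothetical endpoint that sets its own, weaker Cache-Control value.
app.MapGet("/report", (HttpContext ctx) =>
{
    ctx.Response.Headers["Cache-Control"] = "public, max-age=3600";
    return Results.Ok(new { status = "ok" });
});

app.Run();

static class BaselineHeaders
{
    // The four header values listed under "Headers Added".
    private static readonly Dictionary<string, string> Baseline = new()
    {
        ["Cache-Control"] = "no-store",
        ["Content-Security-Policy"] = "frame-ancestors 'none'",
        ["X-Content-Type-Options"] = "nosniff",
        ["X-Frame-Options"] = "DENY",
    };

    public static IApplicationBuilder UseBaselineHeaders(
        this IApplicationBuilder app, bool enforce) =>
        app.Use(async (context, next) =>
        {
            // OnStarting callbacks run just before the headers are sent, so
            // values written by later middleware and endpoints are visible.
            context.Response.OnStarting(() =>
            {
                var headers = context.Response.Headers;
                foreach (var (name, value) in Baseline)
                {
                    // enforce: always overwrite; otherwise add only if missing.
                    if (enforce || !headers.ContainsKey(name))
                        headers[name] = value;
                }
                return Task.CompletedTask;
            });
            await next(context);
        });
}
```

In this sketch, `enforce: false` leaves the endpoint's own `Cache-Control` value in place and adds only the three headers it did not set, while `enforce: true` replaces it with `no-store`.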

When to use this package

  • ✅ When building REST APIs and you want a consistent baseline across services
  • ✅ When you want a simple “secure-by-default” middleware without a large configuration surface
  • ✅ When you want the option to enforce standard values across an entire API

Disclaimer

ByteGuard.SecurityHeaders is an independent open-source project maintained by the ByteGuard community.
It is not affiliated with, endorsed by, or sponsored by OWASP or the OWASP Foundation.

OWASP® is a trademark or registered trademark of the OWASP Foundation.
Any references to OWASP materials are for informational, educational, and interoperability purposes only.

License

ByteGuard.SecurityHeaders is Copyright © ByteGuard Contributors - Provided under the MIT license.

Target frameworks

Compatible (included in package): net8.0, net9.0, net10.0.
Computed as additionally compatible for each of these: -android, -browser, -ios, -maccatalyst, -macos, -tvos, -windows.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
0.1.1-dev-01005 255 12/18/2025
0.1.0 263 12/18/2025