NetEscapades.AspNetCore.SecurityHeaders 0.18.0

.NET Core 3.0 .NET Standard 2.0 .NET Framework 4.6.1
dotnet add package NetEscapades.AspNetCore.SecurityHeaders --version 0.18.0
NuGet\Install-Package NetEscapades.AspNetCore.SecurityHeaders -Version 0.18.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="0.18.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add NetEscapades.AspNetCore.SecurityHeaders --version 0.18.0
#r "nuget: NetEscapades.AspNetCore.SecurityHeaders, 0.18.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install NetEscapades.AspNetCore.SecurityHeaders as a Cake Addin
#addin nuget:?package=NetEscapades.AspNetCore.SecurityHeaders&version=0.18.0

// Install NetEscapades.AspNetCore.SecurityHeaders as a Cake Tool
#tool nuget:?package=NetEscapades.AspNetCore.SecurityHeaders&version=0.18.0

Middleware for ASP.NET Core to automatically add security headers to requests.

Product Versions
.NET net5.0 net5.0-windows net6.0 net6.0-android net6.0-ios net6.0-maccatalyst net6.0-macos net6.0-tvos net6.0-windows net7.0 net7.0-android net7.0-ios net7.0-maccatalyst net7.0-macos net7.0-tvos net7.0-windows
.NET Core netcoreapp2.0 netcoreapp2.1 netcoreapp2.2 netcoreapp3.0 netcoreapp3.1
.NET Standard netstandard2.0 netstandard2.1
.NET Framework net461 net462 net463 net47 net471 net472 net48 net481
MonoAndroid monoandroid
MonoMac monomac
MonoTouch monotouch
Tizen tizen40 tizen60
Xamarin.iOS xamarinios
Xamarin.Mac xamarinmac
Xamarin.TVOS xamarintvos
Xamarin.WatchOS xamarinwatchos
Compatible target framework(s)
Additional computed target framework(s)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (16)

Showing the top 5 NuGet packages that depend on NetEscapades.AspNetCore.SecurityHeaders:

Package Downloads

Tag Helpers for the ASP.NET Core Security Headers middleware for adding Nonces for use with SecurityHeadersMiddleware


Tools and base classes for AspNetCore as in Ark-way of using it


This NuGet package contains Asp Net extensions Layer for Indigina projects.


Package Description


Kolo GDS UI Accelerator

GitHub repositories (8)

Showing the top 5 popular GitHub repositories that depend on NetEscapades.AspNetCore.SecurityHeaders:

Repository Stars
Open source, headless, multi-tenant eCommerce platform built with .NET Core, MongoDB, AWS DocumentDB, Azure CosmosDB, Vue.js.
🕸 Yet Another .NET Clean Architecture, but for Microservices project. It uses Minimal Clean Architecture with DDD-lite, CQRS-lite, and just enough Cloud-native patterns apply on the simple eCommerce sample and run on Tye with Dapr extension 🍻
Free, Open source, Fast, Headless, Multi-tenant eCommerce platform built with .NET Core, MongoDB, AWS DocumentDB, Azure CosmosDB, LiteDB, Vue.js.
An ASP.NET Core 6.0 IdentityServer4 Identity Bootstrap 4 template with localization
Different ASP.NET Core applications using OpenID Connect Hybrid flow Code Flow, Code Flow with PKCE, JWT APIs, MFA examples
Version Downloads Last updated
0.18.0 133,616 1/2/2023
0.17.0 420,123 6/28/2022
0.16.1 694,994 11/23/2021
0.16.0 206,839 8/1/2021
0.15.0 147,974 6/26/2021
0.14.0 119,089 4/21/2021
0.13.0 106,399 2/9/2021
0.12.1 250,956 10/2/2020
0.12.0 1,970 10/1/2020
0.11.2 105,898 7/27/2020
0.11.1 667 7/27/2020
0.11.0 515,298 10/31/2019
0.10.0 16,147 9/27/2019
0.9.0 420,227 10/28/2018
0.8.0 14,118 10/10/2018
0.7.1 11,456 8/29/2018
0.7.0 66,115 1/14/2018
0.6.0 4,833 12/11/2017
0.5.0 1,420 12/5/2017
0.4.1 28,820 9/27/2017
0.3.1 47,390 4/14/2017
0.3.0 7,789 3/1/2017
0.2.1 13,742 9/14/2016
0.1.1 1,324 8/12/2016
0.1.0 1,552 8/2/2016
0.1.0-beta-0003 877 6/2/2016


* Add support for applying document headers (such as CSP) to all responses (#130)
* Add support for `unsafe-hashes` and `wasm-unsafe-eval` (#125)
* Add support for Report-To directive in Content-Security-Policy (#126)
* Add support for sandbox directive in Content-Security-Policy (#127)
* Add support for Reporting-Endpoints header (part of the Reporting API) (#128)


* Document headers (such as CSP) are now applied to `application/javascript` in addition to `text/html` (#130)

See for more details.