Starts in:

1 DAY

11 HRS

8 MIN

20 SEC

Starts in:

1 D

11 H

8 M

20 S

Closed

CSP header missing - How to set CSP correctly to mitigate XSS attacks #2394

0

Rajasekhar created 3 years ago

ABP Framework version: v5.0.0
UI type: MVC
DB provider: EF Core
Tiered (MVC) or Identity Server Separated (Angular): no
Exception message and stack trace:
Steps to reproduce the issue:"

We have deployed the ABP application for security testing and we have got CSP header missing Vulnerability

Please let us know how to configure the sever to return Content Security Policy HTTP header.

2 Answer(s)

0

berkansasmaz created 3 years ago
Support Team .NET Developer

You can use the UseAbpSecurityHeaders middleware.

app.UseAbpSecurityHeaders();

In addition to this, this article may also be of use to you.
0

Rajasekhar created 3 years ago

Thanks

1

Have an answer to this question? Log in and write your answer.

Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06