Cross-Origin-Embedder-Policy: securing embedded resources
Understanding cross-origin security headers - Part 3
In this post I discuss the Cross-Origin-Embedder-Policy, the requirements it places on your resources, and why it's required for some JavaScript APIs…

Cross-Origin-Resource-Policy: preventing hotlinking and XSSI attacks
Understanding cross-origin security headers - Part 2
In this post I describe how to use the Cross-Origin-Resource-Policy to block cross-origin requests that would normally be allowed, such as in <img> tags…

Cross-Origin-Opener-Policy: preventing attacks from popups
Understanding cross-origin security headers - Part 1
In this post I describe the vulnerabilities in window.opener and window.open() and how to protect yourself with Cross-Origin-Opener-Policy…

Understanding cross-origin security headers
In this series I look at some of the security headers you can apply to your applications to enhance your security when interacting with cross-origin resources…

Major updates to NetEscapades.AspNetCore.SecurityHeaders
In this post I describe the recent major changes to NetEscapades.AspNetCore.SecurityHeaders, a NuGet package for adding security headers to your apps.…

Using Unix domain sockets with ASP.NET Core and HttpClient
In this post I show how to create an ASP.NET Core server that listens using Unix domain sockets, and how to call the server using an HttpClient…

