
Cross-Origin-Opener-Policy: preventing attacks from popups
Understanding cross-origin security headers - Part 1
In this post I describe the vulnerabilities in window.opener and window.open() and how to protect yourself with Cross-Origin-Opener-Policy…

Understanding cross-origin security headers
In this series I look at some of the security headers you can apply to your applications to enhance your security when interacting with cross-origin resources…

Major updates to NetEscapades.AspNetCore.SecurityHeaders
In this post I describe the recent major changes to NetEscapades.AspNetCore.SecurityHeaders, a NuGet package for adding security headers to your apps.…

Avoiding CDN supply-chain attacks with Subresource Integrity (SRI)
In this post I discuss the recent polyfill.io supply-chain attack and describe how to protect against similar attacks using Subresource Integrity (SRI)…

Configuring HTTPS using a custom TLS certificate with Netlify and Cloudflare
In this post I describe an HTTPS issue when using Cloudflare in front of Netlify, and how to create a custom TLS certificate for full encryption.…

An introduction to the Data Protection system in ASP.NET Core
In this post I provide a primer on the ASP.NET Core data-protection system: what it is, why we need it, and how it works at a high level…

