TechQA.

"Strict Transport Security" in Blazor webassembly

857 views Asked by At

I Have 2 web applications: MVC & Blazor webassembly.

In MVC project I was able to set up the application to enforce the strict-transport-security by adding HSTS Middleware in startup class by following the instructions in Microsoft documentation.

The question is: how can I configure a Blazor webassembly to enforce strict-transport-security in its response headers?

I tried that by adding the following web.config file to the project:

<?xml version="1.0" encoding="utf-8"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
  <location>
    <system.webServer>
      <security xdt:Transform="Insert">
        <requestFiltering removeServerHeader="true" />
      </security>
      <httpProtocol xdt:Transform="Insert">
        <customHeaders>
          <remove name="X-Powered-By" />
          <add name="Strict-Transport-Security" value="max-age=31536000" />
       </customHeaders>
      </httpProtocol>
    </system.webServer>
  </location>
</configuration>

But I could not deploy the application after adding this config file.

c# blazor-webassembly .net-5 hsts strict-transport-security
Original Q&A
0

There are 0 answers

Related Questions in C#

Related Questions in BLAZOR-WEBASSEMBLY

Related Questions in .NET-5

Related Questions in HSTS

Related Questions in STRICT-TRANSPORT-SECURITY

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions