Serial podcast creator and .NET Core maniac.
Can often be found talking about everything and nothing on one of the many podcasts that he produces (only one of them is about .NET Core, honest)
Location
Leeds, UK
Education
Computer Science with Games Development - BSc
Work
.NET Development Contractor; Podcast host, producer and editor
I'm still looking for help with figuring out how to implement a few features with my ASP.NET Core Middleware for adding suggested HTTP headers, OwaspHeaders.Core:
A .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security
OwaspHeaders.Core
A .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security.
Build status
Licence Used
See the contents of the LICENSE file for details
Code Triage Status
Code of Conduct
ClacksMiddleware has a Code of Conduct which all contributors, maintainers and forkers must adhere to. When contributing, maintaining, forking or in any other way changing the code presented in this repository, all users must agree to this Code of Conduct.
You don't need to be a .NET developer in order to help out, because I'm looking for folks to help me out by discussing how to implement them in a framework agnostic way. Specifically this one:
Clear Site-Data is a new header which can be used to tell the browser to wipe out cookies and tokens automatically when a user logs out. This can be useful in stopping Session Hijacking once a user has logged out.
Adding support for the Clear Site-Data header will require some form of controller attribute, perhaps. This is because we don't want Clear Site-Data to be included in every response from the server, only those responses which are generated by logging out.
This will require some thought and planning before implementation.
I'm still looking for help with figuring out how to implement a few features with my ASP.NET Core Middleware for adding suggested HTTP headers, OwaspHeaders.Core:
A .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security
OwaspHeaders.Core
A .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security.
Build status
Licence Used
See the contents of the LICENSE file for details
Code Triage Status
Code of Conduct
ClacksMiddleware has a Code of Conduct which all contributors, maintainers and forkers must adhere to. When contributing, maintaining, forking or in any other way changing the code presented in this repository, all users must agree to this Code of Conduct.
See Code of Conduct.md for details.
Pull Requests
Pull requests are welcome, but please take a moment to read the Code of Conduct before submitting them or commenting on any work in this repo.
NuGet package
OwaspHeaders.Core is now availble as a NuGet package. The NuGet package can be accessed here
Development Logs
This repository forms the basis for a series of blog posts that I have written on the topic of ASP.NET Core middleware.
If…
You don't need to be a .NET developer in order to help out, because I'm looking for folks to help me out by discussing how to implement them in a framework agnostic way. Specifically this one:
Description
Clear Site-Data is a new header which can be used to tell the browser to wipe out cookies and tokens automatically when a user logs out. This can be useful in stopping Session Hijacking once a user has logged out.
Adding support for the Clear Site-Data header will require some form of controller attribute, perhaps. This is because we don't want Clear Site-Data to be included in every response from the server, only those responses which are generated by logging out.
This will require some thought and planning before implementation.
Links to Header Information
I'll happily talk anyone through how ASP.NET Core handles middleware and how I've designed the code, too.