3.823.0

vc-ci released this 06 May 13:00

· 130 commits to master since this release

572a5c5

🎯 Development

Adds SecurityHeaders configuration to configure iframe security policy (#2786)

SecurityHeaders Configuration

FrameOptions - for X-Frame-Options header configuration. Allowed values: Deny - default, SameOrigin, or custom uri.
FrameAncestors - for FrameAncestors configuration in Content-Security-Header header. Allowed values: None - default, Self, or custom uri.

appsettings.json

  "SecurityHeaders": {
    // X-Frame-Options header configuration. Allowed values: Deny - default, SameOrigin, or custom uri.
    "FrameOptions": "Deny",
    // FrameAncestors configuration in Content-Security-Header header. Allowed values: None - default, Self, or custom uri.
    "FrameAncestors": "None"
  },

Assets 3