Content Security Policy (CSP) for ASP.NET MVC

Content Security Policy (CSP) is a HTTP header which white-lists content the browser is allowed to load. This post discusses its application in ASP.NET MVC.


NWebSec ASP.NET MVC Security Through HTTP Headers

The NWebSec NuGet packages help secure your ASP.NET MVC site using HTTP headers. The ASP.NET Core Boilerplate project template configures them our of the box.