Original Post: Security Headers for ASP.Net and .Net CORE
The article discusses the process of adding security headers to the proof of concept website DevSlop.co, as a part of the OWASP DevSlop project by the author and Franziska Bühler. The authors installed security headers during the OWASP DevSlop Show but faced challenges with .Net Core apps not having a web.config file. They then proceeded to add the headers back into the app, in the startups.cs file. The article provides the code for adding security headers for ASP.Net and .Net Core apps, along with plans to add additional security settings in the future. The authors emphasize the importance of implementing security headers and provide resources for further information on the topic.
Go here to read the Original Post