
TerribleDev / Hardhat

Licence: mit
Help secure .net core apps with various HTTP headers (such as CSP's)

Projects that are alternatives of or similar to Hardhat

Carter
Carter is a framework that is a thin layer of extension methods and functionality over ASP.NET Core, allowing code to be more explicit and, most importantly, more enjoyable.
Stars: ✭ 875 (+534.06%)
Mutual labels:  middleware, asp-net-core
Ocelot
.NET core API Gateway
Stars: ✭ 6,675 (+4736.96%)
Mutual labels:  middleware, asp-net-core
Aspnetcoreratelimit
ASP.NET Core rate limiting middleware
Stars: ✭ 2,199 (+1493.48%)
Mutual labels:  middleware, asp-net-core
Znetcs.aspnetcore.authentication.basic
A simple basic authentication middleware.
Stars: ✭ 40 (-71.01%)
Mutual labels:  middleware, asp-net-core
Laravel Authz
An authorization library that supports access control models like ACL, RBAC, ABAC in Laravel.
Stars: ✭ 136 (-1.45%)
Mutual labels:  middleware
Godot Fmod Integration
FMOD Studio middleware integration and scripting API bindings for the Godot game engine.
Stars: ✭ 130 (-5.8%)
Mutual labels:  middleware
Frapper
ASP.NET Core 3.1 beginner's project template with complete custom user management and lots of other useful features that help with rapid application development.
Stars: ✭ 129 (-6.52%)
Mutual labels:  asp-net-core
L5 Very Basic Auth
Stateless HTTP basic auth for Laravel without the need for a database.
Stars: ✭ 127 (-7.97%)
Mutual labels:  middleware
Lib.aspnetcore.serversentevents
Lib.AspNetCore.ServerSentEvents is a library which provides Server-Sent Events (SSE) support for ASP.NET Core
Stars: ✭ 138 (+0%)
Mutual labels:  asp-net-core
Foxify
The fast, easy to use & typescript ready web framework for Node.js
Stars: ✭ 138 (+0%)
Mutual labels:  middleware
Dashport
Local and OAuth authentication middleware for Deno
Stars: ✭ 131 (-5.07%)
Mutual labels:  middleware
Zan Proxy
An extensible proxy for PC/Mobile/APP developer
Stars: ✭ 1,727 (+1151.45%)
Mutual labels:  middleware
Advanced Http4s
🌈 Code samples of advanced features of Http4s in combination with some features of Fs2 not often seen.
Stars: ✭ 136 (-1.45%)
Mutual labels:  middleware
Sunengine
SunEngine – site engine with blog, forum and articles sections features support.
Stars: ✭ 130 (-5.8%)
Mutual labels:  asp-net-core
Nlayerappv3
Domain Driven Design (DDD) N-LayeredArchitecture with .Net Core 2
Stars: ✭ 138 (+0%)
Mutual labels:  asp-net-core
Go Http Metrics
Go modular http middleware to measure HTTP requests independent of metrics backend (with Prometheus and OpenCensus as backend implementations) and http framework/library
Stars: ✭ 128 (-7.25%)
Mutual labels:  middleware
Websocket Rpc
WebSocket RPC library for .NET with auto JavaScript client code generation, supporting ASP.NET Core
Stars: ✭ 132 (-4.35%)
Mutual labels:  asp-net-core
Raypi
A minimalist WebApi development framework based on .NET Core 3.1 and DDD (domain-driven design).
Stars: ✭ 138 (+0%)
Mutual labels:  asp-net-core
Clastic
🏔️ A functional web framework that streamlines explicit development practices while eliminating global state.
Stars: ✭ 131 (-5.07%)
Mutual labels:  middleware
Secure
HTTP middleware for Go that facilitates some quick security wins.
Stars: ✭ 1,855 (+1244.2%)
Mutual labels:  middleware

Hard Hat


HardHat is a set of .NET Core middleware that adds various headers to help protect your site from vulnerabilities. Inspired by helmetJS. We have some docs, but they are still a work in progress, so please feel free to submit changes to them.

In short this allows:

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
    {
        ...
        app.UseDnsPrefetch(allow: false); // turn off DNS prefetch to protect the privacy of users
        app.UseFrameGuard(new FrameGuardOptions(FrameGuardOptions.FrameGuard.SAMEORIGIN)); // prevent clickjacking by not allowing your site to be rendered in an iframe on another origin
        // app.UseFrameGuard(new FrameGuardOptions("otherdomain.com")); // or allow iframes on another domain
        app.UseHsts(maxAge: 5000, includeSubDomains: true, preload: false); // tell browsers to always use HTTPS for the next 5000 seconds
        app.UseReferrerPolicy(ReferrerPolicy.NoReferrer); // do not include the Referer header when linking away from your site, to protect your users' privacy
        app.UseIENoOpen(); // don't allow old IE to open files in the context of your site
        app.UseNoMimeSniff(); // prevent MIME sniffing https://en.wikipedia.org/wiki/Content_sniffing
        app.UseCrossSiteScriptingFilters(); // add headers so browsers auto-detect and block some XSS attacks
        app.UseContentSecurityPolicy( // provide a security policy so content can only come from trusted sources
            new ContentSecurityPolicyBuilder()
                .WithDefaultSource(CSPConstants.Self)
                .WithImageSource("http://images.mysite.com")
                .WithFontSource(CSPConstants.Self)
                .WithFrameAncestors(CSPConstants.None)
                .BuildPolicy()
        );
        // Help prevent man-in-the-middle attacks by pinning hashes of your public keys
        // (major browsers have since removed HPKP support)
        app.UseHpkp(maxAge: 5184000, keys: new List<PublicKeyPin>{
            new PublicKeyPin("cUPcTAZWKaASuYWhhneDttWpY3oBAkE3h2+soZS7sWs=", HpKpCrypto.sha256),
            new PublicKeyPin("M8HztCzM3elUxkcjR2S5P4hhyBNf6lHkmjAHKhpGPWE=", HpKpCrypto.sha256)
        }, includeSubDomains: true, reportUri: "/report", reportOnly: false);
        ...
        app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Home}/{action=Index}/{id?}");
        });
    }



Getting started

  • Install the NuGet package: Install-Package HardHat
  • Add the middleware you desire to your Configure block.
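
Once the middleware is registered, it is worth confirming that responses actually carry the configured headers. The script below is an added example, not part of HardHat or its docs: it audits a response head against the policy from the Configure() snippet above. The header names and values are the standard ones for each protection, and that HardHat emits exactly these strings is an assumption; X-XSS-Protection and Public-Key-Pins are left out of the check.

```python
# Added example, not HardHat code: audit response headers against the Configure()
# policy above. Assumes the middleware emits the standard header strings below.
EXACT = {"x-dns-prefetch-control": "off", "x-frame-options": "sameorigin",
         "referrer-policy": "no-referrer", "x-download-options": "noopen",
         "x-content-type-options": "nosniff"}

def parse_headers(raw):
    """Raw response head -> {lowercased name: value}; the status line is skipped."""
    pairs = (line.partition(":") for line in raw.strip().splitlines()[1:])
    return {n.strip().lower(): v.strip() for n, sep, v in pairs if sep}

def audit(raw, min_hsts_age=5000):
    """Return a list of findings; an empty list means the policy is met."""
    h, findings = parse_headers(raw), []
    for name, want in EXACT.items():
        if h.get(name, "").lower() != want:
            findings.append(f"{name}: want {want!r}, got {h.get(name)!r}")
    # HSTS: "max-age=N; includeSubDomains" -> {"max-age": "N", "includesubdomains": ""}
    hsts = {k.strip().lower(): v.strip() for k, _, v in
            (p.partition("=") for p in h.get("strict-transport-security", "").split(";"))}
    age = hsts.get("max-age", "")
    if not age.isdigit() or int(age) < min_hsts_age:
        findings.append(f"strict-transport-security: max-age below {min_hsts_age}")
    if "includesubdomains" not in hsts:
        findings.append("strict-transport-security: includeSubDomains missing")
    # CSP: "default-src 'self'; img-src x" -> {"default-src": ["'self'"], "img-src": ["x"]}
    csp = {t[0].lower(): t[1:] for t in
           (p.split() for p in h.get("content-security-policy", "").split(";")) if t}
    if csp.get("default-src") != ["'self'"]:
        findings.append("content-security-policy: default-src is not 'self'")
    if csp.get("frame-ancestors") != ["'none'"]:
        findings.append("content-security-policy: frame-ancestors is not 'none'")
    for directive, sources in csp.items():
        for src in sources:  # wildcard, inline/eval and cleartext sources weaken the policy
            if src in ("*", "'unsafe-inline'", "'unsafe-eval'") or src.startswith("http:"):
                findings.append(f"content-security-policy: {directive} allows {src}")
    return findings
# Constructed sample responses (not captured from a real server).
CONFIGURED = """HTTP/1.1 200 OK
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=5000; includeSubDomains
Referrer-Policy: no-referrer
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; img-src http://images.mysite.com; font-src 'self'; frame-ancestors 'none'
"""
BARE = "HTTP/1.1 200 OK\nContent-Type: text/html\n"
print(audit(CONFIGURED), audit(BARE), sep="\n")
```

For the configured sample the only finding is the cleartext `http://images.mysite.com` image source, which sits awkwardly beside an HSTS policy; the bare response fails every check.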