-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Abp.AspNetCore 8.4.0 .Net 7 Detect vulnerabilities when scanning using Snyk #6951
Comments
You may create a custom middleware and add this header. You can take a look at https://stackoverflow.com/a/37395430 |
I have added middleware in my code but still didn't work. here is my middleware:
|
Does this work on a raw ASP.NET Core project ? |
Yes, When I create a new Project, from ASP.Net Core 7 no issue detected on snyk. What makes me wonder is why this solution/project reads as ASP.NET Web API |
Could you share the website URL of the tool you used ? I mean snyk. |
Here's is the link https://snyk.io/ |
I think I have a Solution for this issue, but didn't know what the impacts are for the existing application. Just Delete the file "app.config" on the ".Web.Host" Project. Hope it's Help |
@frogerdevs you are right, this file is not used anymore. |
aspnetboilerplate/module-zero-core-template@10b838f
Hi every one,
I have vulnerability issues when scanning using snyk,
one of the issues is adding X-Frame-Options to global.asax.cs, because this project uses .net 7, I don't have this file anymore
here is the screenshot:
I have tried to add the configuration
<system.webServer> <httpProtocol> <customHeaders> <add name="X-Frame-Options" value="SAMEORIGIN" /> </customHeaders> </httpProtocol> </system.webServer>
in the app.config file, but it makes an error when running the application.
here is the error:
but the vulnerability issue is gone.
can anybody help me how to fix this?
Abp package version : Abp.AspNetCore 8.4.0.
Your base framework: .Net Core 7.
Steps needed to reproduce the problem.
The text was updated successfully, but these errors were encountered: