Definition
Assembly: Microsoft.OData.Mcp.Core.dll Namespace: Microsoft.OData.Mcp.Core.Configuration Inheritance: System.ObjectSyntax
Summary
Configuration for security-related HTTP headers.Remarks
Security headers configuration controls the HTTP headers that are sent with responses to provide additional protection against various web-based attacks such as XSS, clickjacking, MIME sniffing, and protocol downgrade attacks.Constructors
.ctor
Syntax
.ctor Inherited
Inherited from
objectSyntax
Properties
EnableHsts
Gets or sets a value indicating whether HTTP Strict Transport Security (HSTS) is enabled.Syntax
Property Value
Type:bool
true to enable HSTS; otherwise, false.
Remarks
HSTS forces browsers to use HTTPS connections and prevents protocol downgrade attacks. This should be enabled for production environments using HTTPS.EnableXContentTypeOptions
Gets or sets a value indicating whether X-Content-Type-Options header is enabled.Syntax
Property Value
Type:bool
true to enable X-Content-Type-Options; otherwise, false.
Remarks
The X-Content-Type-Options header prevents browsers from MIME sniffing, which can lead to security vulnerabilities when serving user-uploaded content.EnableXFrameOptions
Gets or sets a value indicating whether X-Frame-Options header is enabled.Syntax
Property Value
Type:bool
true to enable X-Frame-Options; otherwise, false.
Remarks
The X-Frame-Options header prevents the page from being embedded in frames, protecting against clickjacking attacks.XFrameOptions
Gets or sets the X-Frame-Options header value.Syntax
Property Value
Type:string
The X-Frame-Options directive value.
Remarks
Valid values are “DENY” (never allow framing), “SAMEORIGIN” (allow framing from same origin), or “ALLOW-FROM uri” (allow framing from specific URI).Methods
Clone
Creates a copy of this security headers configuration.Syntax
Returns
Type:Microsoft.OData.Mcp.Core.Configuration.SecurityHeadersConfiguration
A new instance with the same settings.
Equals Inherited Virtual
Inherited from
objectSyntax
Parameters
| Name | Type | Description |
|---|---|---|
obj | object? | - |
Returns
Type:bool
Equals Inherited
Inherited from
objectSyntax
Parameters
| Name | Type | Description |
|---|---|---|
objA | object? | - |
objB | object? | - |
Returns
Type:bool
ForDevelopment
Creates a security headers configuration optimized for development environments.Syntax
Returns
Type:Microsoft.OData.Mcp.Core.Configuration.SecurityHeadersConfiguration
A security headers configuration suitable for development use.
ForProduction
Creates a security headers configuration optimized for production environments.Syntax
Returns
Type:Microsoft.OData.Mcp.Core.Configuration.SecurityHeadersConfiguration
A security headers configuration suitable for production use.
GetHashCode Inherited Virtual
Inherited from
objectSyntax
Returns
Type:int
GetType Inherited
Inherited from
objectSyntax
Returns
Type:System.Type
MemberwiseClone Inherited
Inherited from
objectSyntax
Returns
Type:object
MergeWith
Merges another security headers configuration into this one.Syntax
Parameters
| Name | Type | Description |
|---|---|---|
other | Microsoft.OData.Mcp.Core.Configuration.SecurityHeadersConfiguration | The configuration to merge into this one. |
ReferenceEquals Inherited
Inherited from
objectSyntax
Parameters
| Name | Type | Description |
|---|---|---|
objA | object? | - |
objB | object? | - |
Returns
Type:bool
ToString Inherited Virtual
Inherited from
objectSyntax
Returns
Type:string?
Validate
Validates the security headers configuration.Syntax
Returns
Type:System.Collections.Generic.IEnumerable<string>
A collection of validation errors, or empty if the configuration is valid.