AddDefaultSecurePolicyAndReport(Uri,TrustingSites) Method

Add default security headers configuration in each request of the firewall and has the browser report any violations to the url but trust some sites

Syntax

ISecurityHeadersBuilder AddDefaultSecurePolicyAndReport( 
   Uri uri,
   TrustingSites trust
)

Parameters

uri: The URL used to report
trust: The sites you are willing to trust

Return Value

SecurityHeadersBuilder

Remarks

The default configuration is the same as calling

AddFrameOptionsDeny()
AddXssProtectionBlockAndReport(url)
AddContentTypeOptionsNoSniff()
AddContentSecurityPolicyButTrust(TrustingSites.SubDomains | TrustingSites.Bootstrap | TrustingSites.Google | TrustingSites.Jquery)
RemoveServerHeader()

You can chain this with other methods in this class, duplicated policies will be ignored.

Requirements

Target Platforms: Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

Reference

ISecurityHeadersBuilder Interface
ISecurityHeadersBuilder Members
Overload List
Walter.Web.FireWall.Headers.SecurityHeadersBuilder.AddFrameOptionsDeny
Walter.Web.FireWall.Headers.SecurityHeadersBuilder.AddXssProtectionBlockAndReport(System.String)
Walter.Web.FireWall.Headers.SecurityHeadersBuilder.AddContentTypeOptionsNoSniff
Walter.Web.FireWall.Headers.SecurityHeadersBuilder.AddStrictTransportSecurityMaxAge(System.Int32)
Walter.Web.FireWall.Headers.SecurityHeadersBuilder.RemoveServerHeader