< Summary

Information
Class: ProjectTemplate.Web.Extensions.SecurityHeadersExtensions
Assembly: ProjectTemplate.Web
File(s): /home/runner/work/NetCoreApplicationTemplate/NetCoreApplicationTemplate/src/ProjectTemplate.Web/Extensions/SecurityHeadersExtensions.cs
Line coverage
100%
Covered lines: 22
Uncovered lines: 0
Coverable lines: 22
Total lines: 56
Line coverage: 100%
Branch coverage
83%
Covered branches: 5
Total branches: 6
Branch coverage: 83.3%
Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

MethodBranch coverage Crap Score Cyclomatic complexity Line coverage
AddApplicationSecurityHeaders(...)83.33%66100%
UseApplicationSecurityHeaders(...)100%11100%

File(s)

/home/runner/work/NetCoreApplicationTemplate/NetCoreApplicationTemplate/src/ProjectTemplate.Web/Extensions/SecurityHeadersExtensions.cs

#LineLine coverage
 1using ProjectTemplate.Web.Middleware;
 2using ProjectTemplate.Web.Options;
 3
 4namespace ProjectTemplate.Web.Extensions;
 5
 6/// <summary>
 7/// Provides extension methods to register and enable security headers functionality.
 8/// </summary>
 9public static class SecurityHeadersExtensions
 10{
 11    /// <summary>
 12    /// Registers the <see cref="ApplicationSecurityHeadersOptions"/> configuration section with the DI container.
 13    /// </summary>
 14    /// <param name="services">The service collection to add the configuration to.</param>
 15    /// <param name="configuration">The application configuration containing the "SecurityHeaders" section.</param>
 16    /// <returns>The original <see cref="IServiceCollection"/> for chaining.</returns>
 17    public static IServiceCollection AddApplicationSecurityHeaders(
 18        this IServiceCollection services,
 19        IConfiguration configuration)
 20    {
 15221        services
 15222            .AddOptions<ApplicationSecurityHeadersOptions>()
 15223            .Bind(configuration.GetSection(ApplicationSecurityHeadersOptions.SectionName))
 15224            .Validate(
 15225                options =>
 25826                    !options.EnableContentSecurityPolicy ||
 25827                    !string.IsNullOrWhiteSpace(options.ContentSecurityPolicy),
 15228                "ProjectTemplate:SecurityHeaders:ContentSecurityPolicy is required when CSP is enabled.")
 15229            .Validate(
 15230                options =>
 25831                    !options.EnablePermissionsPolicy ||
 25832                    !string.IsNullOrWhiteSpace(options.PermissionsPolicy),
 15233                "ProjectTemplate:SecurityHeaders:PermissionsPolicy is required when Permissions-Policy is enabled.")
 15234            .Validate(
 15235                options =>
 25836                    options.ExcludedPathPrefixes.All(path =>
 128437                        !string.IsNullOrWhiteSpace(path) &&
 128438                        path.StartsWith('/')),
 15239                "ProjectTemplate:SecurityHeaders:ExcludedPathPrefixes values must start with '/'.")
 15240            .ValidateOnStart();
 41
 15242        return services;
 43    }
 44
 45    /// <summary>
 46    /// Adds the security headers middleware to the application's request pipeline.
 47    /// </summary>
 48    /// <param name="app">The application builder used to configure the request pipeline.</param>
 49    /// <returns>The original <see cref="IApplicationBuilder"/> for chaining.</returns>
 50    public static IApplicationBuilder UseApplicationSecurityHeaders(
 51        this IApplicationBuilder app)
 52    {
 14253        return app.UseMiddleware<SecurityHeadersMiddleware>();
 54    }
 55}
 56
Generated by: ReportGenerator 5.5.10.0
06/01/2026 - 18:42:45
GitHub | reportgenerator.io

Methods/Properties

AddApplicationSecurityHeaders(Microsoft.Extensions.DependencyInjection.IServiceCollection,Microsoft.Extensions.Configuration.IConfiguration)
UseApplicationSecurityHeaders(Microsoft.AspNetCore.Builder.IApplicationBuilder)