关于[Security headers in ASP.NET Core]的摘要:
In ASP.NET Core, you can set the headers for every requests using a middleware. ASP.NET Core provides a middleware to set the HSTS headers when needed and redirecting to https. You'll have to set other security headers manually.
原文地址: https://www.meziantou.net/security-headers-in-asp-net-core.htm