Explanation/Reference:
Explanation:
Box 1: return _next(httpContext);
Example:
public Task Invoke(HttpContext httpContext)
{
httpContext.Response.Headers.Add("X-Xss-Protection", "1");
httpContext.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
httpContext.Response.Headers.Add("X-Content-Type-Options", "nosniff");
return _next(httpContext);
}
Box 2: UseSecurityMiddleware
Box 3: UseMiddleware<SecurityMiddleware>()
Example:
public static class SecurityMiddlewareExtensions
{
public static IApplicationBuilder UseSecurityMiddleware(this IApplicationBuilder builder)
{
return builder.UseMiddleware<SecurityMiddleware>();
}
}
Box 4: UseSecurityMiddleware
The Extensions part is optional, but it does allow you to write code like this :
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
app.UseMiddleware<SecurityMiddleware>(); //If I didn't have the extension method app.UseSecurityMiddleware(); //Nifty encapsulation with the extension
}
Reference:
https://dotnetcoretutorials.com/2017/03/10/creating-custom-middleware-asp-net-core/
https://docs.microsoft.com/en-us/aspnet/core/fundamentals/middleware/?view=aspnetcore-
2.1&tabs=aspnetcore2x