Update dependency NetEscapades.AspNetCore.SecurityHeaders to 0.24.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
NetEscapades.AspNetCore.SecurityHeaders	0.14.0 -> 0.24.0

---

Release Notes

andrewlock/NetEscapades.AspNetCore.SecurityHeaders (NetEscapades.AspNetCore.SecurityHeaders)

v0.24.0

Features:

• Allow adding multiple uris to CSP builder AddFrameAncestors() #​179
• Add support for additional directives on Permissions-Policy header #​177 (Thanks @​Registeel!)

v0.23.0

Features:

• Add support for unsafe-hashes on style attributes, and inline event handlers #​162 (Thanks @​tiesmaster!)

v0.22.0

Features:

• Add support for Cross-Origin-Embedder-Policy: credentialless #​153 (Thanks RaceProUK!)

Bugfix:

• Fix documentation errors in StyleSourceAttr and StyleSourceElem directives #​152 (Thanks ThomasBjallas!)

v0.21.0

Features:

• Add support for using both 'none' and 'report-sample' in directives

v0.20.0

Features:

• Add support for script-src-attr, script-src-elem, style-src-attr, style-src-elem #​139

v0.19.0

Features:

• Apply "document" headers to text/javascript responses

v0.18.0

Features:

• Add support for applying document headers (such as CSP) to all responses (#​130)
• Add support for unsafe-hashes and wasm-unsafe-eval (#​125)
• Add support for Report-To directive in Content-Security-Policy (#​126)
• Add support for sandbox directive in Content-Security-Policy (#​127)
• Add support for Reporting-Endpoints header (part of the Reporting API) (#​128)

Bugfix:

• Document headers (such as CSP) are now applied to application/javascript in addition to text/html (#​130)

v0.17.0

Bugfix:

• Fix Cross-Origin-Embedder-Policy (COEP) not being added to non-HTML requests

v0.16.1

Bugfix:

• Fix Cross-Origin-Resource-Policy (CORP) not being added to non-HTML requests

v0.16.0

Features:

• Added support for Cross-Origin-Opener-Policy (COOP), Cross-Origin-Embedder-Policy (COEP) and Cross-Origin-Resource-Policy (CORP) (Thanks @​jeremylindsayni!)

v0.15.0

Features:

• Add support for creating custom CSP directives with CspDirectiveBuilder. Enables creating custom directives (for example unsupported, draft, directives) that require nonce or hash values

BugFix:

• Add missing EncryptedMedia directive to permissions policy (Thanks @​jotoledo)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 45.05%. Comparing base (a4e55ae) to head (7155281).

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #614   +/-   ##
=======================================
  Coverage   45.05%   45.05%           
=======================================
  Files         143      143           
  Lines        4071     4071           
  Branches      348      348           
=======================================
  Hits         1834     1834           
  Misses       2236     2236           
  Partials        1        1           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.