/// <summary>
        /// Adds middleware to your web application pipeline to automatically add security headers to requests
        /// </summary>
        /// <param name="app">The IApplicationBuilder passed to your Configure method.</param>
        /// <param name="builder">A configured policy builder to build a policy.</param>
        /// <returns>The original app parameter</returns>
        public static IApplicationBuilder UseSecurityHeadersMiddleware(this IApplicationBuilder app, SecurityHeadersBuilder builder)
        {
            if (app == null)
            {
                throw new ArgumentNullException(nameof(app));
            }

            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            SecurityHeadersPolicy policy = builder.Build();

            return(app.UseMiddleware <SecurityHeadersMiddleware>(policy));
        }
 /// <summary>
 /// Instantiates a new <see cref="SecurityHeadersMiddleware"/>.
 /// </summary>
 /// <param name="next">The next middleware in the pipeline.</param>
 /// <param name="policy">An instance of the <see cref="SecurityHeadersPolicy"/> which can be applied.</param>
 public SecurityHeadersMiddleware(RequestDelegate next, SecurityHeadersPolicy policy)
 {
     _next   = next ?? throw new ArgumentNullException(nameof(next));
     _policy = policy ?? throw new ArgumentNullException(nameof(policy));
 }