public SecurityMiddleware(RequestDelegate next) { this._next = next; var urls = AppSetting.GetConfigArray("Security:ExcludeUrl"); if (urls != null) { foreach (var item in urls) { excludeUrl.Add(item.ToLower()); } } }