diff --git a/framework/src/Volo.Abp.AspNetCore.Mvc.UI.Bundling/Volo/Abp/AspNetCore/Mvc/UI/Bundling/TagHelpers/AbpTagHelperStyleService.cs b/framework/src/Volo.Abp.AspNetCore.Mvc.UI.Bundling/Volo/Abp/AspNetCore/Mvc/UI/Bundling/TagHelpers/AbpTagHelperStyleService.cs
index f399a62e10..6089fbd383 100644
--- a/framework/src/Volo.Abp.AspNetCore.Mvc.UI.Bundling/Volo/Abp/AspNetCore/Mvc/UI/Bundling/TagHelpers/AbpTagHelperStyleService.cs
+++ b/framework/src/Volo.Abp.AspNetCore.Mvc.UI.Bundling/Volo/Abp/AspNetCore/Mvc/UI/Bundling/TagHelpers/AbpTagHelperStyleService.cs
@@ -14,7 +14,7 @@ namespace Volo.Abp.AspNetCore.Mvc.UI.Bundling.TagHelpers;
 
 public class AbpTagHelperStyleService : AbpTagHelperResourceService
 {
-    private readonly IOptions<AbpSecurityHeadersOptions> _securityHeadersOptions;
+    protected AbpSecurityHeadersOptions SecurityHeadersOptions;
     public AbpTagHelperStyleService(
         IBundleManager bundleManager,
         IOptions<AbpBundlingOptions> options,
@@ -24,7 +24,7 @@ public class AbpTagHelperStyleService : AbpTagHelperResourceService
             options,
             hostingEnvironment)
     {
-        _securityHeadersOptions = securityHeadersOptions;
+        SecurityHeadersOptions = securityHeadersOptions.Value;
     }
 
     protected override void CreateBundle(string bundleName, List<BundleTagHelperItem> bundleItems)
@@ -52,7 +52,7 @@ public class AbpTagHelperStyleService : AbpTagHelperResourceService
 
         if (preload || Options.PreloadStylesByDefault || Options.PreloadStyles.Any(x => file.StartsWith(x, StringComparison.OrdinalIgnoreCase)))
         {
-            output.Content.AppendHtml(_securityHeadersOptions.Value.UseContentSecurityPolicyNonce
+            output.Content.AppendHtml(SecurityHeadersOptions.UseContentSecurityPolicyNonce
                 ? $"<link rel=\"preload\" href=\"{viewContext.GetUrlHelper().Content(file.EnsureStartsWith('~'))}\" as=\"style\" abp-csp-style />{Environment.NewLine}"
                 : $"<link rel=\"preload\" href=\"{viewContext.GetUrlHelper().Content(file.EnsureStartsWith('~'))}\" as=\"style\" onload=\"this.rel='stylesheet'\" />{Environment.NewLine}");
         }
diff --git a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs
index 5351bdbff9..ea60375fce 100644
--- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs
+++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs
@@ -54,7 +54,6 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency
 
         context.Response.OnStarting(() =>
         {
-            // is response already have CSP header?
             if (context.Response.Headers.ContainsKey("Content-Security-Policy"))
             {
                 return Task.CompletedTask;
@@ -64,8 +63,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency
             {
                 return Task.CompletedTask;
             }
-
-            // is response successfully?
+            
             if (context.Response.StatusCode is < 200 or > 299)
             {
                 return Task.CompletedTask;
diff --git a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersOptions.cs b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersOptions.cs
index 1b7b88fce4..7ec8dc453f 100644
--- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersOptions.cs
+++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersOptions.cs
@@ -11,7 +11,7 @@ public class AbpSecurityHeadersOptions
     
     public bool UseContentSecurityPolicyNonce { get; set; }
 
-    public Dictionary<string,IEnumerable<string>> ContentSecurityPolicyValues { get; }
+    public Dictionary<string, IEnumerable<string>> ContentSecurityPolicyValues { get; }
 
     public Dictionary<string, string> Headers { get; }