要允许所有的HttpGet请求，可以使用ASP.NET Core中的策略系统。以下是一个示例代码，该代码允许所有的HttpGet请求通过：

首先，需要在Startup.cs文件中的ConfigureServices方法中添加所需的策略：

public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers();

    services.AddAuthorization(options =>
    {
        options.AddPolicy("AllowGetRequests",
            policy => policy.Requirements.Add(new HttpMethodRequirement(HttpMethod.Get)));
    });

    // 注册策略处理程序
    services.AddSingleton();
}

接下来，需要创建一个自定义的策略要求类，用于指定所需的请求方法：

using System.Net.Http;
using Microsoft.AspNetCore.Authorization;

public class HttpMethodRequirement : IAuthorizationRequirement
{
    public HttpMethod HttpMethod { get; }

    public HttpMethodRequirement(HttpMethod httpMethod)
    {
        HttpMethod = httpMethod;
    }
}

然后，创建一个自定义的策略处理程序类，用于验证请求的方法是否符合要求：

using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Filters;

public class HttpMethodAuthorizationHandler : AuthorizationHandler
{
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, HttpMethodRequirement requirement)
    {
        var httpMethod = context.Resource as HttpContext?
            .Request.Method;

        if (httpMethod != null && httpMethod.Equals(requirement.HttpMethod.Method, System.StringComparison.OrdinalIgnoreCase))
        {
            context.Succeed(requirement);
        }

        return Task.CompletedTask;
    }
}

最后，在需要应用该策略的控制器或操作方法上使用[Authorize]特性，并指定所需的策略名称：

[ApiController]
[Route("api/[controller]")]
public class TestController : ControllerBase
{
    [HttpGet]
    [Authorize(Policy = "AllowGetRequests")]
    public IActionResult Get()
    {
        return Ok("Get request allowed");
    }
}

现在，所有的HttpGet请求将被允许通过。如果要允许其他请求方法，只需在策略定义中添加相应的要求即可。