VAR/VAR.WebFormsCore
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove unnecessary headers from http responses.

Browse Source
This commit is contained in:
Valeriano A.R.
2018-03-17 14:43:01 +01:00
parent 130c20a30d
commit 8fe526089e
4 changed files with 42 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
VAR.Focus.Web/GlobalModule.cs Normal file
View File

@@ -0,0 +1,27 @@
using System;
using System.Web;
namespace VAR.Focus.Web
{
public class GlobalModule : IHttpModule
{
public void Dispose() { }
public void Init(HttpApplication context)
{
context.PreSendRequestHeaders += Context_PreSendRequestHeaders;
}
private void Context_PreSendRequestHeaders(object sender, EventArgs e)
{
HttpContext ctx = HttpContext.Current;
if (ctx == null) { return; }
ctx.Response.Headers.Remove("Server");
ctx.Response.Headers.Remove("X-Powered-By");
ctx.Response.Headers.Add("X-Content-Type-Options", "nosniff");
ctx.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
ctx.Response.Headers.Add("X-XSS-Protection", "1; mode=block");
}
}
}

1
VAR.Focus.Web/Pages/FrmBoard.cs
View File

@@ -1,6 +1,7 @@
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Web; using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls; using System.Web.UI.WebControls;
using VAR.Focus.BusinessLogic; using VAR.Focus.BusinessLogic;
using VAR.Focus.BusinessLogic.Entities; using VAR.Focus.BusinessLogic.Entities;

1
VAR.Focus.Web/VAR.Focus.Web.csproj
View File

@@ -91,6 +91,7 @@
<Compile Include="Controls\CTextBox.cs" /> <Compile Include="Controls\CTextBox.cs" />
<Compile Include="Controls\IValidableControl.cs" /> <Compile Include="Controls\IValidableControl.cs" />
<Compile Include="Code\GlobalErrorHandler.cs" /> <Compile Include="Code\GlobalErrorHandler.cs" />
<Compile Include="GlobalModule.cs" />
<Compile Include="Pages\FormUtils.cs" /> <Compile Include="Pages\FormUtils.cs" />
<Compile Include="Pages\FrmBoard.cs"> <Compile Include="Pages\FrmBoard.cs">
<SubType>ASPXCodeBehind</SubType> <SubType>ASPXCodeBehind</SubType>

14
VAR.Focus.Web/web.config
View File

@@ -2,17 +2,29 @@
<configuration> <configuration>
<system.web> <system.web>
<compilation debug="true" targetFramework="4.6.1" /> <compilation debug="true" targetFramework="4.6.1" />
<httpModules>
<add name="GlobalModule" type="VAR.Focus.Web.GlobalModule" />
</httpModules>
<httpHandlers> <httpHandlers>
<clear /> <clear />
<add path="*" verb="*" type="VAR.Focus.Web.GlobalRouter" /> <add path="*" verb="*" type="VAR.Focus.Web.GlobalRouter" />
</httpHandlers> </httpHandlers>
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" /> <pages clientIDMode="AutoID" enableViewState="false" enableSessionState="false" enableViewStateMac="false" />
<httpRuntime enableVersionHeader="false" />
</system.web> </system.web>
<system.webServer> <system.webServer>
<modules>
<add name="GlobalModule" type="VAR.Focus.Web.GlobalModule" />
</modules>
<handlers> <handlers>
<clear /> <clear />
<add name="GlobalRouter" path="*" verb="*" type="VAR.Focus.Web.GlobalRouter" /> <add name="GlobalRouter" path="*" verb="*" type="VAR.Focus.Web.GlobalRouter" />
</handlers> </handlers>
<validation validateIntegratedModeConfiguration="false" /> <validation validateIntegratedModeConfiguration="false" />
<httpProtocol>
<customHeaders>
<remove name="X-Powered-By" />
</customHeaders>
</httpProtocol>
</system.webServer> </system.webServer>
</configuration> </configuration>