9 HTTP headers

This chapter covers

Understanding leaky ASP.NET Core HTTP response headers
Removing HTTP headers that are too revealing
Discovering HTTP headers offering browser security features
Adding custom HTTP headers to an HTTP response

MITRE Corporation, the well-known research facility doing major work for the US government, is the initiator and sponsor of the CVE Program (https://cve.org). Its goal is to identify and list common vulnerabilities, thus the name CVE: Common Vulnerabilities and Exposures. The website—www.cvedetails.com/, independent of MITRE and the CVE project, but reusing its classification scheme—provides a searchable list of all reported vulnerabilities in various software products. For instance, http://mng.bz/gwDe ...

Get ASP.NET Core Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

ASP.NET Core Security by Christian Wenz

9 HTTP headers

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly