Web API: How do I clean up the data in my HttpResponse?

There are some very simple web.config settings that can be applied to reduce the amount on unnecessary data returned in an HttpReponse and to minimise ways that hackers can hijack system information.

Here is a quick snippet of web.config settings that may be useful.

<Config>
<system.web>
 <httpRuntime enableVersionHeader="false" />
</system.web>
<system.webServer>
<httpProtocol>
 <customHeaders>
<add name="Strict-Transport-Security" value="778000; includeSubdomains" />
<add name="X-Content-Type-Options" value="nosniff" />
<add name="X-Permitted-Cross-Domain-Policies" value="none" />
<add name="X-XSS-Protection" value="1; mode=block" />
<add name="Cache-Control" value="no-store" />
<add name="Pragma" value="no-cache" />
<remove name="X-Powered-By" />
 </customHeaders>
</httpProtocol>
</system.webServer>
</Config>


Comments

Post a Comment

Popular posts from this blog

SharePoint 2013: Error updating managed account credentials

I encountered the following message when trying to change a password for a managed account: Error deploying administration application pool credentials. Another deployment may be active. An object of the type Microsoft.SharePoint.Administration.SPAdminAppPoolCredentialDeploymentJobDefinition named "job-admin-apppool-change" already exists under the parent Microsoft.SharePoint.Administration.SPTimerService named "SPTimerV4".  Rename your object or delete the existing object. The error message is self explanatory - Rename your object or delete the existing object.  I choose the latter. Powershell to the rescue. $job = Get-SPTimerJob -Identity "job-admin-apppool-change" $job.Delete() Reset the password and all should be good.
Read more

Error deploying Nintex workflow: An item with the same key has already been added

My client recently upgraded their version of Nintex Workflow 2010 and suddenly some of my workflows started to fail on deployment. The following error cropped up: Error deploying workflow: Server was unable to process request. ---> An item with the same key has already been added. ---> An item with the same key has already been added. WTF???? A little digging unveiled the problem - I had two items in a 'Create Item' shape with the SAME DISPLAYNAME. I needed to move the second item to a new 'Update Item' shape in order for it to work. I order to get the workflow to deploy, I had to manually remove the 'duplicate' item from the serialized XML. Hooray!! It was then a simple matter of creating a new shape to update the 'duplicate' value.
Read more