Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Can X-Powered-By response header be removed?
#1
We are currently using IntraWeb 14.2.3 with Delphi 10.1 Berlin and have an ISAPI application running under IIS 8.5.  We have recently had a scan done on our app which uncovered the "Information Leakage in Server Response" vulnerability.  Specifically it shows X-Powered-By: IntraWeb which we cannot figure out how to remove.  We have tried adding <remove name="X-Powered-By" /> to the custom headers section of the web.config however that did not seem to have an effect.  We don't see where in the Server Controller this can be done either.  Can the X-Powered-By header be removed or at the very least overwritten?  If so please explain.
Reply


Messages In This Thread
Can X-Powered-By response header be removed? - by rchristi12 - 10-02-2018, 05:33 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)