Article Details
| Id: | 18076 |
| Product: | finPOWER Connect WS |
| Type: | NEW |
| Version: | 3.04.00.28 |
| Opened: | 14/04/2021 |
| Closed: | 14/04/2021 |
| Released: | 01/07/2021 |
| Job: | J026354 |
Some HTTP Headers removed from Response for non-static files
The following HTTP Headers have been removed the the Response sent from both Web Services and finPOWER Connect Cloud:
- X-AspNet-Version
- X-Powered-By
In addition to this, the following headers will return blank values:
- Server
Removing these headers is a low-impact security change since it provides less information for potential attackers.
NOTE: Currently these headers will still appear for static files such as CSS and JS files.