Article Details
Id: | 18076 |
Product: | finPOWER Connect WS |
Type: | NEW |
Version: | 3.04.00.28 |
Opened: | 14/04/2021 |
Closed: | 14/04/2021 |
Released: | 01/07/2021 |
Job: | J026354 |
Some HTTP Headers removed from Response for non-static files
The following HTTP Headers have been removed the the Response sent from both Web Services and finPOWER Connect Cloud:
- X-AspNet-Version
- X-Powered-By
In addition to this, the following headers will return blank values:
- Server
Removing these headers is a low-impact security change since it provides less information for potential attackers.
NOTE: Currently these headers will still appear for static files such as CSS and JS files.