Cookie(s) without HttpOnly flag set
| Nisan 11, 2017web.config
1 2 3 | <system.web> <httpCookies requireSSL="true" /> </system.web> |
Security Kategori
Clickjacking: X-Frame-Options header missing
| Nisan 11, 2017web.config
1 2 3 4 5 | <httpProtocol> <customHeaders> <add name="X-Frame-Options" value="SAMEORIGIN" /> </customHeaders> </httpProtocol> |
ASP.NET version disclosure
| Nisan 11, 2017Web.config
1 2 3 | <System.Web> <httpRuntime enableVersionHeader="false" /> </System.Web> |