User-1330468790 posted
Hi maverick786us,
If you mean "Orion" in your research result, it is just a platform to do IT management. You don't need to focus on this word.
Now your question is how to remove Response header> X-ASP.NET Version. In case you want to hide more unnecessary HTTP headers in IIS and ASP.NET, you could refer to below steps.
- Add this to
web.config to get rid of the X-AspNet-Version header:
<system.web>
<httpRuntime enableVersionHeader="false" />
</system.web>
X-Powered-By is a custom header in IIS. Since IIS 7, you can remove it by adding the following to your web.config:
This header can also be modified to your needs, for more information refer to http://www.iis.net/ConfigReference/system.webServer/httpProtocol/customHeaders
<system.webServer>
<httpProtocol>
<customHeaders>
<remove name="X-Powered-By" />
</customHeaders>
</httpProtocol>
</system.webServer>
- Remove
X-AspNetMvc-Version, edit Global.asax.cs and add the following in the Application_Start event:
protected void Application_Start()
{
MvcHandler.DisableMvcResponseHeader = true;
}
- You can also modify headers at runtime via the
Application_PreSendRequestHeaders event in Global.asax.cs. This is useful if your header values are dynamic. However, "X-Powered-By" can
only be removed by setting web.config.
protected void Application_PreSendRequestHeaders(object source, EventArgs e)
{
Response.Headers.Remove("foo");
Response.Headers.Add("bar", "quux");
}
Regarding Request header> Referer, again, you can't do this.
The Request.Headers["Referer"] value is a value sent by the browser on each request. It's up to the browser what value it choose to supply for this value, and there is no means for a web page to send a response that says "for your next request, use this
value for the Referer". And when you do a Request.Redirect, you're sending a response to the browser, telling it to make another request.
Hope helps.
Best regards,
Sean
