注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

天涯倦客的博客

祝福你朋友永远快乐!

 
 
 

日志

 
 

Security Header Injection Module (SHIM)  

2015-04-09 09:17:16|  分类: asp.net |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |

Security Header Injection Module (SHIM)

Project Description
SHIM is a HTTP module that provides protection for many vulnerabilities by injecting security-specific HTTP headers into ASP.NET web applications.

Overview
The security header injection module (SHIM) was inspired by the OWASP Secure Headers Project. The goal of this project is to allow ASP.NET applications to improve the security of their web applications by using security-specific HTTP headers supported by modern browsers. Once SHIM is installed and configured, the headers instruct the browser to provide an extra layer of protection for preventing a number of web application vulnerabilities, including: cross-Site-Scripting (XSS), insecure data caching, man-in-the-middle attacks, content-type sniffing, and clickjacking.

More details on the OWASP project can be found here:https://www.owasp.org/index.php/OWASP_Secure_Headers_Project

Supported Headers
SHIM currently supports the following HTTP Headers:

Cache-Control
Expires
Pragma
Content-Security-Policy
Strict-Transport-Security
X-Content-Type-Options
X-Frame-Options
X-XSS-Protection

Installation
Please see the documentation: https://shim.codeplex.com/documentation
  评论这张
 
阅读(274)| 评论(0)
推荐 转载

历史上的今天

在LOFTER的更多文章

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2017