
Azure App Service: how to remove the custom headers X-Frame-Options, X-XSS-Protection and X-Content-Type-Options?

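The custom headers can be removed by modifying the customHeaders section of the web.config. In the example below, the three <add> entries between the two marker comments are the ones that emit X-Frame-Options, X-XSS-Protection and X-Content-Type-Options; deleting an entry stops this section from sending that header. X-Frame-Options and X-Content-Type-Options are browser-side protections against clickjacking and MIME sniffing, so remove them only when the same protection is delivered another way (for example a Content-Security-Policy frame-ancestors directive) or when another layer already sets the header and it would otherwise be duplicated: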

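<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <!--
    The customHeaders collection below lists the static response headers that
    IIS attaches to responses for this site.
  -->
  <system.web>
  </system.web>
  <system.webServer>
    <httpProtocol>
      <customHeaders>
        <!-- Do not advertise the server technology stack. -->
        <remove name="X-Powered-By"/>
        <!-- Discard custom headers inherited from parent configuration, so that
             only the entries listed after this point are sent. -->
        <clear/>

        <!-- here we remove custom headers: each add entry between this marker and
             the closing marker emits one of the three headers discussed in the
             article. Deleting an entry stops this section from sending it.
             * X-Frame-Options SAMEORIGIN restricts framing to the same origin
               (clickjacking defence). If it is removed, keep equivalent
               protection, e.g. a Content-Security-Policy frame-ancestors
               directive.
             * X-Xss-Protection is a legacy header; major browsers have removed
               the XSS filter it controlled, so it is the safest of the three
               to drop.
             * X-Content-Type-Options nosniff disables MIME sniffing; keep it
               unless another layer already sets it. -->
        <add name="X-Frame-Options" value="SAMEORIGIN"/>
        <add name="X-Xss-Protection" value="1; mode=block"/>
        <add name="X-Content-Type-Options" value="nosniff"/>
        <!-- here we remove custom headers (end of the removable entries) -->

        <!-- Limit the referrer sent on cross-origin requests to the origin only. -->
        <add name="Referrer-Policy" value="strict-origin-when-cross-origin"/>
        <!-- Restrict the listed browser features to same-origin use. -->
        <add name="Permissions-Policy" value="accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)"/>
      </customHeaders>
    </httpProtocol>
  </system.webServer>
</configuration>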