Summary
It's not possible for ASP .NET Core to remove the X-Powered-By header. As such, even though the OWASP Secure Headers project recommends removing it, OwaspHeaders.Core no longer attempts to remove it.
This is because ASP .NET Core cannot remove this header, as it's set at the reverse proxy level. A solution has been provided in the Server Header: A Warning section of the readme and package documentation.
What's Changed
- Feature/docs basic entries by @GaProgMan in #122
- Feature/docs basic entries by @GaProgMan in #123
- Feature/docs basic entries by @GaProgMan in #124
- Feature/docs basic entries by @GaProgMan in #125
- Feature/docs basic entries by @GaProgMan in #126
- Feature/docs basic entries by @GaProgMan in #127
- Feature/docs basic entries by @GaProgMan in #128
- Feature/docs basic entries by @GaProgMan in #129
Full Changelog: v9.1.0...v9.2.0
Contributors
GaProgMan