Classic ASP & Security Headers

What are Security Headers

What is Classic ASP

Classic ASP’s Response Object and Security Headers

Code Examples:

Code example is available as ASP server-side include file on my Github.

'Note all the important security headers here:
Response.AddHeader "Access-Control-Origin","[URL]"
Response.AddHeader "Feature-Policy","microphone 'none';"
Response.AddHeader "Referrer-Policy","no-referrer"
Response.AddHeader "Strict-Transport-Security", "max-age=15552001; includeSubDomains; preload"
Response.AddHeader "X-Content-Type-Options","nosniff"
Response.AddHeader "X-Frame-Options","SAMEORIGIN"
Response.AddHeader "X-XSS-Protection","1; mode-block;"

How to Set Security Headers on Your Website Using Microsoft IIS

Security Headers Video

Cross Origin Resource Sharing (Explained by Example)

Author: Rick Cable / AKA Cyber Abyss

Veteran, Coder, Hacker and Founder of FinditClassifieds.com in 1997. Currently a senior full-stack software developer supporting multiple teams and products at a large healthcare organization.