Menu
I read somewhere the you can't remove response headers once they've been added. Given that, I'm wondering where in a standard ASP.NET web forms application do response headers get added initially. For example, these:
Date Fri, 23 Apr 2010 16:25:56 GMT
Server Microsoft-IIS/6.0
X-Powered-By ASP.NET
Cache-Control private
And can I stop it from happening? Do subsequent headers override old headers? Does my question even make sense?
706
Most actionable response headers are generated by the Web server itself. These include instructions for the client to cache the content (or not), content language, and the HTTTP request status code among others.
Select the web site where you want to add the custom HTTP response header. In the web site pane, double-click HTTP Response Headers in the IIS section. In the actions pane, select Add. In the Name box, type the custom HTTP header name.
A response header is an HTTP header that can be used in an HTTP response and that doesn't relate to the content of the message. Response headers, like Age , Location or Server are used to give a more detailed context of the response.
Request header: Headers containing more information about the resource to be fetched or about the client itself. Response header: Headers with additional information about the response, like its location or about the server itself (name, version, …).
The headers you mentioned are added automatically by IIS. Instructions for changing them are at a question posted on Serverfault here.
But to answer your question about when, I believe you're remembering what you read wrong.
I believe what you are referring to is that you can't modify any http headers once content has been sent back to the browser. This would happen in the Rendering event OR as soon as you use a Response.Write or Response.Redirect method.
Edit - added
Incidentally, there are a number of things you can't do oncew the headers have been sent... Modifying cookies, using a Response.Redirect, etc
See these links:
Why do I get "Cannot redirect after HTTP headers have been sent" when I call Response.Redirect()?
http://www.bing.com/search?q=HTTP+headershave+been+sent&src=IE-SearchBox&FORM=IE8SRC
Added even more
And finally - a better answer. I was looking for an event in the page lifecycle where the httpheaders are sent. Actually, they are sent by the HttpApplication object. The event that fires just before this is the PreSendRequestHeaders event per this article.
171
The X-Powered-By: ASP.NET header is added by IIS. You can remove this globally or on a per site bases by editing 'Custom HTTP Headers' on the HTTP Headers tab.
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
