卸下＆QUOT;日期和QUOT;在IIS HTTP响应头7+ [英] Removing the "Date" http response header on IIS 7+

问题描述

我在开发的响应与自定义日期时间HTTP头中的客户端的ASP.NET Web API应用程序。虽然我已看过一些文章描述了如何从ASP.NET/IIS删除响应头，这其中似乎总是有弹性，我无法摆脱它。这似乎是某处放置在响应管道出来的程序员/管理员的控制，在最后。

I am developing an ASP.NET Web API application which responds to the clients with a custom datetime http header. While I have read several articles describing how to remove response headers from ASP.NET/IIS, this one always seem to be resilient, i can't get rid of it. It seems to be placed in the response pipeline somewhere out of the programmer's/administrator's control, at the very end.

我知道这可能是一个不好的做法不包括在响应中的日期标题，但正如我所提到的，自定义DateTime头（这是在蜱而不是字符串重新presentation）使默认一个冗余;此外，这是一个私人的API，所以我知道到底是谁，以及如何使用它。

I know it may be a bad practice not to include the "Date" header in the response but, as i mentioned, the custom datetime header (which is in ticks instead of a string representation) makes the default one redundant; furthermore, this is a private API, so i know exactly who and how uses it.

是不是这样，在任何可能的方式来删除该头在IIS（V7 +）为特定网站（或者直接从Web API应用程序）？

Is it thus possible in any way to remove this header in IIS (v7+) for a specific site (or directly from the Web API application)?

修改：结果
我尝试（没有成功）以下技术：

Edit:
I tried (without success) the following techniques:

• 创建一个自定义处理程序，除去从Web API项目的头右侧


• 注册自定义的IHttpModule


• 在明确去除web.config文件头＆LT; httpProtocol＆GT;＆LT; customHeaders＆GT; 部分


• 在IIS管理器中删除HTTP响应头


• 头去除$ C $在Ç保护无效Application_ preSendRequestHeaders（对象发件人，EventArgs五）方法的Global.asax.cs

• Creating a custom handler to remove the header right from the Web API project
• Registering a custom IHttpModule
• Explicit removal of headers in web.config in <httpProtocol><customHeaders> section
• Remove HTTP response headers in IIS Manager
• Header removal code in protected void Application_PreSendRequestHeaders(object sender, EventArgs e) method in Global.asax.cs

推荐答案

根据HTTP的规格， Date头是必须，除了这些条件，我不认为适用于您的情况：

According to HTTP Spec, Date header is mandatory, except for these conditions which I dont think apply to your case:

Origin servers MUST include a Date header field in all responses, except in these cases:

  1. If the response status code is 100 (Continue) or 101 (Switching
     Protocols), the response MAY include a Date header field, at
     the server's option.
  2. If the response status code conveys a server error, e.g. 500
     (Internal Server Error) or 503 (Service Unavailable), and it is
     inconvenient or impossible to generate a valid Date.
  3. If the server does not have a clock that can provide a
     reasonable approximation of the current time, its responses
     MUST NOT include a Date header field. In this case, the rules
     in section 14.18.1 MUST be followed.

这篇关于卸下＆QUOT;日期和QUOT;在IIS HTTP响应头7+的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！