Click here to Skip to main content
15,748,477 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
How to avoid Etag leakage for to avoid tracking of unique user for IIS 7.5.
I have written caching disabled code in response header but is it best practice to avoid such leakage.
What is the best solution to avoid Etag leakage.
Updated 11-Feb-14 19:20pm

1 solution

Refer - IIS 7.5 remove etag headers from response[^] and follow the solution.

You can use the IIS Rewrite Module 2.0 to remove the ETag. The following rewrite rule should do it:

      <rule name="Remove ETag">
         <match serverVariable="RESPONSE_ETag" pattern=".+" />
         <action type="Rewrite" value="" />

You can see an example image of the rule configuration in IIS Manager on my blog.

Share this answer
vishal_h 12-Feb-14 6:19am    
Thaks for reply but my web.config file not allowing to add above code in system.webserver
It should be inside system.webserver.
vishal_h 12-Feb-14 7:14am    
When i write inside system.webserver . It says system.webserver has invalid child element rewrite.
vishal_h 12-Feb-14 23:54pm    
Thanks for reply but now its giving me error after adding in web.config.<rewrite> allow to add but giving message as the element rewrite has some invalid argument 'outboundRules'

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900