Security Header Injection Module (SHIM)
SHIM is a HTTP module that provides protection for many vulnerabilities by injecting security-specific HTTP headers into ASP.NET web applications.
The security header injection module (SHIM) was inspired by the OWASP Secure Headers Project. The goal of this project is to allow ASP.NET applications to improve the security of their web applications by using security-specific HTTP headers supported by modern
browsers. Once SHIM is installed and configured, the headers instruct the browser to provide an extra layer of protection for preventing a number of web application vulnerabilities, including: cross-Site-Scripting (XSS), insecure data caching, man-in-the-middle
attacks, content-type sniffing, and clickjacking.
More details on the OWASP project can be found here:
SHIM currently supports the following HTTP Headers:
Please see the documentation: https://shim.codeplex.com/documentation
Contact us at oss at cypressdefense.com