Security issues in our UniGui applications
I decided to open this post because for the first time I am making an application that will need a higher level of security, and after reading the post http://forums.unigui.com/index.php?/topic/16334-can-we-apply -some-protection-against-different-attacks/#comment-89591 I found it necessary to research a little more on the topic.
I found a tool that does basic testing for free and I submitted my site and would like other more experienced users or even the support team to comment or give sec
And you can also add custom headers like the below code:
procedure TUniServerModule.UniGUIServerModuleHTTPCommand(
ARequestInfo: TIdHTTPRequestInfo; AResponseInfo: TIdHTTPResponseInfo;
var Handled: Boolean);
begin
AResponseInfo.CustomHeaders.AddValue('X-Content-Type-Options', 'nosniff');
AResponseInfo.CustomHeaders.AddValue('X-Frame-Options', 'SAMEORIGIN');
AResponseInfo.CustomHeaders.AddValue('X-XSS-Protection', '1; mode=block');
end;
