Get IIS HTTP Response Headers using Powershell (rawattributes)

Question

In PowerShell, I am trying to list all the HTTP Response Headers that do not have a specific combination of Name and Value.

In specific:

Name is not "X-Powered-By" AND Value is not "ASP.NET"

I managed to get some progress by using this solution , but I cannot manage to inquire into the results for the values I want:

$iisWebsiteName = "Default Web Site"
$IISManager = new-object Microsoft.Web.Administration.ServerManager 
$IISConfig = $IISManager.GetWebConfiguration($iisWebsiteName)
$httpProtocolSection = $IISConfig.GetSection("system.webServer/httpProtocol") 
$customHeadersCollection = $httpProtocolSection.GetCollection("customHeaders")
$customHeader = $customHeadersCollection | Select-Object rawattributes | Select-Object -Expand *

This is what I am getting in response:

X-Powered-By
Referrer-Policy
ASP.NET
no-referrer

I have no idea how to query into this output and get the relevant items, or if I am even looking into it the right way.

Answer 1

Here is a slight alteration to how to output this data.

$iisWebsiteName          = "Default Web Site"
$IISManager              = new-object Microsoft.Web.Administration.ServerManager 
$IISConfig               = $IISManager.GetWebConfiguration($iisWebsiteName)

$httpProtocolSection     = $IISConfig.GetSection("system.webServer/httpProtocol") 
$customHeadersCollection = ($httpProtocolSection.GetCollection("customHeaders")) | 
                            Select-Object -Property RawAttributes
$customHeadersCollection.RawAttributes
# Results
<#
Key   Value       
---   -----       
name  X-Powered-By
value ASP.NET 
#>

$customHeadersCollection.RawAttributes.name
# Results
<#
X-Powered-By
#>

$customHeadersCollection.RawAttributes.Values
# Results
<#
X-Powered-By
ASP.NET
#>

$customHeadersCollection.RawAttributes.Values[0]
# Results
<#
X-Powered-By
#>

$customHeadersCollection.RawAttributes.Values[1]
# Results
<#
ASP.NET
#>

Update

As per your comment below. There are a number of ways to filter content. Comparison operators are the first place to start.

$customHeadersCollection.RawAttributes.Values -ne 'ASP.NET'
# Results
<#
X-Powered-By
#>

$customHeadersCollection.RawAttributes.Values -ne 'X-Powered-By'
# Results
<#
ASP.NET
#>

$customHeadersCollection.RawAttributes.Values -notmatch 'ASP'
# Results
<#
X-Powered-By
#>

You can pass in a list of exceptions as needed.

Answer 2

Thanks to postanote's answer, I managed to create a full working code.

This code checks in IIS Default Web Site, in the HTTP Response Headers, for everything that is NOT a specific Name and Value combination. All the exceptions are stored in an array that can later on be examined and displayed.

This works with both local and inherited values.

$iisWebsiteName = "Default Web Site"
$IISManager = new-object Microsoft.Web.Administration.ServerManager 
$IISConfig = $IISManager.GetWebConfiguration($iisWebsiteName) #i.e. "Default Web Site" 
$httpProtocolSection = $IISConfig.GetSection("system.webServer/httpProtocol") 
$customHeadersCollection = $httpProtocolSection.GetCollection("customHeaders")
$customHeadersCollection = ($httpProtocolSection.GetCollection("customHeaders")) | Select-Object -Property RawAttributes
$customHeadersAtt = $customHeadersCollection.RawAttributes

$CustomHeadersList = @()

foreach ($CustomHeader in $customHeadersAtt) {
    if (($CustomHeader.name -ne "X-Powered-By") -and ($CustomHeader.value -ne "ASP.NET")) {
        $CustomHeadersList += ([pscustomobject]@{Name=$CustomHeader.name;Value=$CustomHeader.value})
    }
}

if ($CustomHeadersList) {
    Write-Output "There are custom HTTP Response Headers:" $CustomHeadersList
}
else {
    Write-Output "There are no relevant custom HTTP Response Headers"
}