In PowerShell, I am trying to list all the HTTP Response Headers that do not have a specific combination of Name and Value.
In specific:
Name is not "X-Powered-By" AND Value is not "ASP.NET"
I managed to get some progress by using this solution , but I cannot manage to inquire into the results for the values I want:
$iisWebsiteName = "Default Web Site"
$IISManager = new-object Microsoft.Web.Administration.ServerManager
$IISConfig = $IISManager.GetWebConfiguration($iisWebsiteName)
$httpProtocolSection = $IISConfig.GetSection("system.webServer/httpProtocol")
$customHeadersCollection = $httpProtocolSection.GetCollection("customHeaders")
$customHeader = $customHeadersCollection | Select-Object rawattributes | Select-Object -Expand *
This is what I am getting in response:
X-Powered-By
Referrer-Policy
ASP.NET
no-referrer
I have no idea how to query into this output and get the relevant items, or if I am even looking into it the right way.
Here is a slight alteration to how to output this data.
$iisWebsiteName = "Default Web Site"
$IISManager = new-object Microsoft.Web.Administration.ServerManager
$IISConfig = $IISManager.GetWebConfiguration($iisWebsiteName)
$httpProtocolSection = $IISConfig.GetSection("system.webServer/httpProtocol")
$customHeadersCollection = ($httpProtocolSection.GetCollection("customHeaders")) |
Select-Object -Property RawAttributes
$customHeadersCollection.RawAttributes
# Results
<#
Key Value
--- -----
name X-Powered-By
value ASP.NET
#>
$customHeadersCollection.RawAttributes.name
# Results
<#
X-Powered-By
#>
$customHeadersCollection.RawAttributes.Values
# Results
<#
X-Powered-By
ASP.NET
#>
$customHeadersCollection.RawAttributes.Values[0]
# Results
<#
X-Powered-By
#>
$customHeadersCollection.RawAttributes.Values[1]
# Results
<#
ASP.NET
#>
Update
As per your comment below. There are a number of ways to filter content. Comparison operators are the first place to start.
$customHeadersCollection.RawAttributes.Values -ne 'ASP.NET'
# Results
<#
X-Powered-By
#>
$customHeadersCollection.RawAttributes.Values -ne 'X-Powered-By'
# Results
<#
ASP.NET
#>
$customHeadersCollection.RawAttributes.Values -notmatch 'ASP'
# Results
<#
X-Powered-By
#>
You can pass in a list of exceptions as needed.
Thanks to postanote's answer, I managed to create a full working code.
This code checks in IIS Default Web Site, in the HTTP Response Headers, for everything that is NOT a specific Name and Value combination. All the exceptions are stored in an array that can later on be examined and displayed.
This works with both local and inherited values.
$iisWebsiteName = "Default Web Site"
$IISManager = new-object Microsoft.Web.Administration.ServerManager
$IISConfig = $IISManager.GetWebConfiguration($iisWebsiteName) #i.e. "Default Web Site"
$httpProtocolSection = $IISConfig.GetSection("system.webServer/httpProtocol")
$customHeadersCollection = $httpProtocolSection.GetCollection("customHeaders")
$customHeadersCollection = ($httpProtocolSection.GetCollection("customHeaders")) | Select-Object -Property RawAttributes
$customHeadersAtt = $customHeadersCollection.RawAttributes
$CustomHeadersList = @()
foreach ($CustomHeader in $customHeadersAtt) {
if (($CustomHeader.name -ne "X-Powered-By") -and ($CustomHeader.value -ne "ASP.NET")) {
$CustomHeadersList += ([pscustomobject]@{Name=$CustomHeader.name;Value=$CustomHeader.value})
}
}
if ($CustomHeadersList) {
Write-Output "There are custom HTTP Response Headers:" $CustomHeadersList
}
else {
Write-Output "There are no relevant custom HTTP Response Headers"
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.