The blog of a software tester in London, UK.
One thing might be worth considering is using MVC Attributes for the extra headers, that way you can unit test the code.Might want to mention that the AntiXss library is the preferred way of handling input these days.Perhaps Salts in AntiForgeryTokens for a big of extra goodness :)
Through slight refactoring (i.e. access methods) and using HttpResponseBase, you can unit test the headers being added anyway.
One thing might be worth considering is using MVC Attributes for the extra headers, that way you can unit test the code.
ReplyDeleteMight want to mention that the AntiXss library is the preferred way of handling input these days.
Perhaps Salts in AntiForgeryTokens for a big of extra goodness :)
Through slight refactoring (i.e. access methods) and using HttpResponseBase, you can unit test the headers being added anyway.
ReplyDelete