Sector0
Reputation: 309
Disable gzip encoding for ASP.Net generated ScriptResource.axd
I'm trying to disable gzip encoding on both static and non-static content in an ASP.Net WebForms application. This is the suggested fix for BREACH vulnerability.
I noticed that ASP.Net/ScriptManager generated files like ScriptResource.axd are GZIP encoded by default.
This encoding is applied even if compression is disabled in IIS.
My option at this time is to write a HttpModule to remove Accepts-Encoding headers, but this doesn't seem like the right thing to do.
Upvotes: 1
Views: 1295
Answers (1)
Sector0
Reputation: 309
I found out that this is configured through this Web.Config setting -
<system.web.extensions>
<scripting>
<scriptResourceHandler enableCompression="false" enableCaching="true" />
</scripting>
</system.web.extensions>
Upvotes: 2
Related Questions
- Enabling JavaScript GZIP compression in IIS?
- Setting the gzip compression in asp.net
- CSS/JS GZip Compression with Asp.Net
- Mvc 4 script bundles and GZip
- ASP.NET, GZip and .AXD dynamic files not playing nicely
- Is it possible to gzip the automatically included scripts?
- GZipping Javascript from .ashx returns decoding error in browser
- How do I disable chunked transfer-encoding when using compressed dynamic content?
- Unable to gzip javascript file using IIS
- Why is ScriptResource.axd compressed, even though IIS compression is disabled?