Hi Team,
I hope all doing good. I do have deployed couple of .rdl files in Web Portal. When the security team tested the Web Portal they found out some security vulnerabilities examples
1. HTTP Strict Transport Security Header
2. Cache control
3. Vulnerable file upload: Why the web portal allowing to upload any kind of file, it should be .rdl file alone. It is allowing .exe, .ps1, .html files etc etc.
In order to re-mediate these issues, what i should be doing? Does web portal having config file? If so location please. And can i add custom HTTP headers into it?