Support HTTP Security headers in ACS to prevent clickjacking, replays, and Firesheep

The ACS authentication system does not implement widely used anti-hacker HTTP headers.

Please see the following links for a list of missing HTTP headers:

http://security.stackexchange.com/q/8480/396
and

http://social.msdn.microsoft.com/Forums/en-US/windowsazuresecurity/thread/eab4b53e-438b-4b20-8933-ae88e2f3610f?prof=required

6 votes
Chris Mankowski shared this idea