asp.net mvc 安全测试漏洞 " HTTP 动词篡改的认证旁路" 问题解决

IBM Security Appscan漏洞筛查-HTTP 动词篡改的认证旁路漏洞，具体解决方案:

在Web.Config中system.webServer节点增加配置security:

1. <security>
2.    <requestFiltering>
3.      <verbs allowUnlisted="false">
4.        <add verb="GET" allowed="true" />
5.        <add verb="POST" allowed="true" />
6.      </verbs>
7.    </requestFiltering>
8.  </security>