It would be great if we could have the ability to make granular changes to web.config. For example, adding Cache-Control, X-Content-Type-Options or Content-Security-Policy headers.
When running OWASP scans against ASP .NET Maker sites this lack of control means there are generally a lot of risks picked up. Whilst most are low or medium, it would be great to have control over web.config in order to mitigate the risks entirely.
Thanks very much.