Is there a way in IIS of customizing the 301,302 response body?
For example when you access the site without a document name the server responds with a 301 Moved Permanently. Unfortunately it also includes the response content:
<head><title>Document Moved</title></head><body><h1>Object Moved</h1>This document may be found <a HREF="http://example.com/example/">here</a>
</body>
Where the host above (example.com) seems to be taken from the request header Host: example.com. So even though the this site actually blocks forged headers (through code) the redirect (to an error page) includes the above (with a 302) and would include any forged header. A 3rd party that provides pen testing lists this as a security vulnerability (which I concur) but I don't seem to have any control over this in IIS.