Merge remote-tracking branch 'origin/7.4.0' into dev-v8

Conflicts:
	build/UmbracoVersion.txt
	src/Umbraco.Core/ApplicationContext.cs
	src/Umbraco.Core/Configuration/UmbracoConfig.cs
	src/Umbraco.Core/Configuration/UmbracoVersion.cs
	src/Umbraco.Core/CoreBootManager.cs
	src/Umbraco.Core/DatabaseContext.cs
	src/Umbraco.Core/Dictionary/CultureDictionaryFactoryResolver.cs
	src/Umbraco.Core/Manifest/ManifestParser.cs
	src/Umbraco.Core/Models/DataTypeDefinition.cs
	src/Umbraco.Core/ObjectResolution/ApplicationEventsResolver.cs
	src/Umbraco.Core/Persistence/DatabaseSchemaHelper.cs
	src/Umbraco.Core/Persistence/Factories/MemberTypeFactory.cs
	src/Umbraco.Core/Persistence/Migrations/MigrationBase.cs
	src/Umbraco.Core/Persistence/Migrations/MigrationExpressionBase.cs
	src/Umbraco.Core/Persistence/Migrations/MigrationResolver.cs
	src/Umbraco.Core/Persistence/Migrations/MigrationRunner.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Alter/AlterSyntaxBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Alter/Column/AlterColumnBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Alter/Expressions/AlterColumnExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Alter/Expressions/AlterDefaultConstraintExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Alter/Expressions/AlterTableExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Alter/Table/AlterTableBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Create/Column/CreateColumnBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Create/CreateBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Create/Expressions/CreateConstraintExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Create/Expressions/CreateTableExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Create/Table/CreateTableBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Delete/DeleteBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Delete/Expressions/DeleteColumnExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Delete/Expressions/DeleteConstraintExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Delete/Expressions/DeleteDataExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Delete/Expressions/DeleteDefaultConstraintExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Delete/Expressions/DeleteForeignKeyExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Delete/Expressions/DeleteIndexExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Delete/Expressions/DeleteTableExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Execute/ExecuteBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Execute/Expressions/ExecuteCodeStatementExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Execute/Expressions/ExecuteSqlStatementExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Expressions/CreateColumnExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Expressions/CreateForeignKeyExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Expressions/CreateIndexExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Insert/Expressions/InsertDataExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Insert/InsertBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Rename/Expressions/RenameColumnExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Rename/Expressions/RenameTableExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Rename/RenameBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Update/Expressions/UpdateDataExpression.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Update/UpdateBuilder.cs
	src/Umbraco.Core/Persistence/Migrations/Upgrades/TargetVersionSeven/AddIndexToCmsMacroTable.cs
	src/Umbraco.Core/Persistence/Migrations/Upgrades/TargetVersionSevenThreeZero/MigrateAndRemoveTemplateMasterColumn.cs
	src/Umbraco.Core/Persistence/Repositories/ContentRepository.cs
	src/Umbraco.Core/Persistence/Repositories/ContentTypeBaseRepository.cs
	src/Umbraco.Core/Persistence/Repositories/ContentTypeRepository.cs
	src/Umbraco.Core/Persistence/Repositories/DataTypeDefinitionRepository.cs
	src/Umbraco.Core/Persistence/Repositories/DictionaryRepository.cs
	src/Umbraco.Core/Persistence/Repositories/DomainRepository.cs
	src/Umbraco.Core/Persistence/Repositories/LanguageRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MediaRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MediaTypeRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberTypeRepository.cs
	src/Umbraco.Core/Persistence/Repositories/RecycleBinRepository.cs
	src/Umbraco.Core/Persistence/Repositories/ServerRegistrationRepository.cs
	src/Umbraco.Core/Persistence/Repositories/TagRepository.cs
	src/Umbraco.Core/Persistence/Repositories/TemplateRepository.cs
	src/Umbraco.Core/Persistence/Repositories/VersionableRepositoryBase.cs
	src/Umbraco.Core/Persistence/RepositoryFactory.cs
	src/Umbraco.Core/Persistence/UmbracoDatabase.cs
	src/Umbraco.Core/PropertyEditors/IPropertyEditorValueConverter.cs
	src/Umbraco.Core/PropertyEditors/PropertyEditor.cs
	src/Umbraco.Core/PropertyEditors/PropertyEditorResolver.cs
	src/Umbraco.Core/Services/ContentService.cs
	src/Umbraco.Core/Services/ContentTypeService.cs
	src/Umbraco.Core/Services/DataTypeService.cs
	src/Umbraco.Core/Services/EntityService.cs
	src/Umbraco.Core/Services/LocalizationService.cs
	src/Umbraco.Core/Services/MacroService.cs
	src/Umbraco.Core/Services/MediaService.cs
	src/Umbraco.Core/Services/MemberGroupService.cs
	src/Umbraco.Core/Services/MemberService.cs
	src/Umbraco.Core/Services/MemberTypeService.cs
	src/Umbraco.Core/Services/PackagingService.cs
	src/Umbraco.Core/Services/ServerRegistrationService.cs
	src/Umbraco.Core/Services/ServiceContext.cs
	src/Umbraco.Core/Services/TagService.cs
	src/Umbraco.Core/Services/UserService.cs
	src/Umbraco.Core/Strings/DefaultShortStringHelper.cs
	src/Umbraco.Core/Sync/ConfigServerRegistrar.cs
	src/Umbraco.Core/Sync/DatabaseServerMessenger.cs
	src/Umbraco.Core/Umbraco.Core.csproj
	src/Umbraco.Core/UmbracoApplicationBase.cs
	src/Umbraco.Core/packages.config
	src/Umbraco.Tests/BootManagers/CoreBootManagerTests.cs
	src/Umbraco.Tests/Macros/MacroTests.cs
	src/Umbraco.Tests/Manifest/ManifestParserTests.cs
	src/Umbraco.Tests/Migrations/FindingMigrationsTest.cs
	src/Umbraco.Tests/Migrations/MigrationRunnerTests.cs
	src/Umbraco.Tests/Migrations/Stubs/FiveZeroMigration.cs
	src/Umbraco.Tests/Migrations/Stubs/FourElevenMigration.cs
	src/Umbraco.Tests/Migrations/Stubs/SixZeroMigration1.cs
	src/Umbraco.Tests/Migrations/Stubs/SixZeroMigration2.cs
	src/Umbraco.Tests/Migrations/TargetVersionSixthMigrationsTest.cs
	src/Umbraco.Tests/Migrations/Upgrades/BaseUpgradeTest.cs
	src/Umbraco.Tests/Migrations/Upgrades/SqlCeDataUpgradeTest.cs
	src/Umbraco.Tests/Mvc/UmbracoViewPageTests.cs
	src/Umbraco.Tests/Persistence/BaseTableByTableTest.cs
	src/Umbraco.Tests/Persistence/DatabaseContextTests.cs
	src/Umbraco.Tests/Persistence/Mappers/PropertyGroupMapperTest.cs
	src/Umbraco.Tests/Persistence/MySqlDatabaseCreationTest.cs
	src/Umbraco.Tests/Persistence/Querying/ContentTypeRepositorySqlClausesTest.cs
	src/Umbraco.Tests/Persistence/Querying/ContentTypeSqlMappingTests.cs
	src/Umbraco.Tests/Persistence/Repositories/ContentRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/ContentTypeRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/DataTypeDefinitionRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/DomainRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/MediaRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/MemberRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/PublicAccessRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/ServerRegistrationRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/TagRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/TemplateRepositoryTest.cs
	src/Umbraco.Tests/Persistence/SyntaxProvider/SqlCeSyntaxProviderTests.cs
	src/Umbraco.Tests/PublishedContent/PublishedMediaTests.cs
	src/Umbraco.Tests/Services/ContentServicePerformanceTest.cs
	src/Umbraco.Tests/Services/ContentServiceTests.cs
	src/Umbraco.Tests/Services/ThreadSafetyServiceTest.cs
	src/Umbraco.Tests/Strings/DefaultShortStringHelperTests.cs
	src/Umbraco.Tests/TestHelpers/BaseDatabaseFactoryTest.cs
	src/Umbraco.Tests/TestHelpers/BaseDatabaseTest.cs
	src/Umbraco.Tests/TestHelpers/BaseUmbracoApplicationTest.cs
	src/Umbraco.Tests/Umbraco.Tests.csproj
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web.UI/config/ClientDependency.config
	src/Umbraco.Web.UI/packages.config
	src/Umbraco.Web.UI/umbraco/controls/ContentTypeControlNew.ascx.cs
	src/Umbraco.Web.UI/umbraco/plugins/tinymce3/insertImage.aspx
	src/Umbraco.Web.UI/umbraco/settings/EditNodeTypeNew.aspx.cs
	src/Umbraco.Web/BatchedDatabaseServerMessenger.cs
	src/Umbraco.Web/Cache/CacheRefresherEventHandler.cs
	src/Umbraco.Web/Cache/DataTypeCacheRefresher.cs
	src/Umbraco.Web/Cache/DistributedCacheExtensions.cs
	src/Umbraco.Web/Editors/AuthenticationController.cs
	src/Umbraco.Web/Editors/BackOfficeController.cs
	src/Umbraco.Web/Install/InstallSteps/DatabaseInstallStep.cs
	src/Umbraco.Web/Install/InstallSteps/DatabaseUpgradeStep.cs
	src/Umbraco.Web/Media/ThumbnailProviders/ThumbnailProvidersResolver.cs
	src/Umbraco.Web/Mvc/DefaultRenderMvcControllerResolver.cs
	src/Umbraco.Web/PropertyEditors/FileUploadPropertyEditor.cs
	src/Umbraco.Web/PropertyEditors/FolderBrowserPropertyEditor.cs
	src/Umbraco.Web/PropertyEditors/GridPropertyEditor.cs
	src/Umbraco.Web/PropertyEditors/ImageCropperPropertyEditor.cs
	src/Umbraco.Web/Routing/NotFoundHandlerHelper.cs
	src/Umbraco.Web/Trees/MediaTreeController.cs
	src/Umbraco.Web/Trees/MemberTreeController.cs
	src/Umbraco.Web/Umbraco.Web.csproj
	src/Umbraco.Web/UmbracoApplication.cs
	src/Umbraco.Web/UmbracoModule.cs
	src/Umbraco.Web/WebBootManager.cs
	src/Umbraco.Web/packages.config
	src/Umbraco.Web/umbraco.presentation/content.cs
	src/Umbraco.Web/umbraco.presentation/keepAliveService.cs
	src/Umbraco.Web/umbraco.presentation/macro.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/Trees/loadDictionary.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/controls/ContentControl.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/controls/ContentTypeControlNew.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/controls/Images/ImageViewer.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/controls/Images/UploadMediaImage.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/imageViewer.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/rollBack.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/members/EditMemberType.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/plugins/tinymce3/insertImage.aspx
	src/Umbraco.Web/umbraco.presentation/umbraco/settings/EditNodeTypeNew.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/uQuery/MediaExtensions.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/uQuery/uQuery.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/users/EditUser.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/webService.asmx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MediaUploader.ashx.cs
	src/UmbracoExamine/UmbracoContentIndexer.cs
	src/UmbracoExamine/UmbracoMemberIndexer.cs
	src/umbraco.MacroEngines/RazorCore/UmbracoCultureDictionary.cs
	src/umbraco.MacroEngines/RazorDynamicNode/DynamicNode.cs
	src/umbraco.MacroEngines/RazorDynamicNode/ExtensionMethods.cs
	src/umbraco.MacroEngines/app.config
	src/umbraco.MacroEngines/packages.config
	src/umbraco.MacroEngines/umbraco.MacroEngines.csproj
	src/umbraco.businesslogic/UmbracoSettings.cs
	src/umbraco.cms/businesslogic/Content.cs
	src/umbraco.cms/businesslogic/datatype/DataTypeDefinition.cs
	src/umbraco.cms/businesslogic/datatype/DefaultPreValueEditor.cs
	src/umbraco.cms/businesslogic/datatype/FileHandlerData.cs
	src/umbraco.cms/businesslogic/translation/Translation.cs
	src/umbraco.cms/businesslogic/web/Document.cs
	src/umbraco.cms/packages.config
	src/umbraco.editorControls/DefaultPrevalueEditor.cs
	src/umbraco.editorControls/MultiNodeTreePicker/MNTPResources.Designer.cs
	src/umbraco.editorControls/MultiNodeTreePicker/MNTPResources.resx
	src/umbraco.editorControls/MultiNodeTreePicker/MNTP_DataType.cs
	src/umbraco.editorControls/app.config
	src/umbraco.editorControls/macrocontainer/PrevalueEditor.cs
	src/umbraco.editorControls/packages.config
	src/umbraco.editorControls/textfieldmultiple/textfieldMultipleDataType.cs
	src/umbraco.editorControls/umbraco.editorControls.csproj
	src/umbraco.editorControls/uploadfield/uploadField.cs
	src/umbraco.editorControls/userControlWrapper/usercontrolPrevalueEditor.cs
	src/umbraco.providers/app.config

src/Umbraco.Web/UmbracoModule.cs

@@ -20,6 +20,7 @@ using Umbraco.Web.Editors;
 using Umbraco.Web.Routing;
 using Umbraco.Web.Security;
 using umbraco;
+using Umbraco.Core.Sync;
 using GlobalSettings = Umbraco.Core.Configuration.GlobalSettings;
 using ObjectExtensions = Umbraco.Core.ObjectExtensions;
 using RenderingEngine = Umbraco.Core.RenderingEngine;
@@ -42,31 +43,10 @@ namespace Umbraco.Web
 		/// <param name="httpContext"></param>
         static void BeginRequest(HttpContextBase httpContext)
 		{
+            // ensure application url is initialized
+            ApplicationUrlHelper.EnsureApplicationUrl(ApplicationContext.Current, httpContext.Request);
 
-            //we need to set the initial url in our ApplicationContext, this is so our keep alive service works and this must
-            //exist on a global context because the keep alive service doesn't run in a web context.
-            //we are NOT going to put a lock on this because locking will slow down the application and we don't really care
-            //if two threads write to this at the exact same time during first page hit.
-            //see: http://issues.umbraco.org/issue/U4-2059
-            if (ApplicationContext.Current.OriginalRequestUrl.IsNullOrWhiteSpace())
-            {
-                // If (HTTP and SSL not required) or (HTTPS and SSL required), use ports from request to configure OriginalRequestUrl.
-                // Otherwise, user may need to set baseUrl manually per http://our.umbraco.org/documentation/Using-Umbraco/Config-files/umbracoSettings/#ScheduledTasks if non-standard ports used.
-                if ((!httpContext.Request.IsSecureConnection && !GlobalSettings.UseSSL) || (httpContext.Request.IsSecureConnection && GlobalSettings.UseSSL))
-                {
-                    // Use port from request.
-                    ApplicationContext.Current.OriginalRequestUrl = string.Format("{0}:{1}{2}", httpContext.Request.ServerVariables["SERVER_NAME"], httpContext.Request.ServerVariables["SERVER_PORT"], IOHelper.ResolveUrl(SystemDirectories.Umbraco));
-                }
-                else
-                {
-                    // Omit port entirely.
-                    ApplicationContext.Current.OriginalRequestUrl = string.Format("{0}{1}", httpContext.Request.ServerVariables["SERVER_NAME"], IOHelper.ResolveUrl(SystemDirectories.Umbraco));
-                }
-
-                LogHelper.Info<UmbracoModule>("Setting OriginalRequestUrl: " + ApplicationContext.Current.OriginalRequestUrl);
-            }
-
-			// do not process if client-side request
+            // do not process if client-side request
 			if (httpContext.Request.Url.IsClientSideRequest())
 				return;
 
@@ -163,70 +143,7 @@ namespace Umbraco.Web
 		#endregion
 
 		#region Methods
-
-        /// <summary>
-        /// Determines if we should authenticate the request
-        /// </summary>
-        /// <param name="request"></param>
-        /// <param name="originalRequestUrl"></param>
-        /// <returns></returns>
-        /// <remarks>
-        /// We auth the request when:
-        /// * it is a back office request
-        /// * it is an installer request
-        /// * it is a /base request
-        /// * it is a preview request
-        /// </remarks>
-        internal static bool ShouldAuthenticateRequest(HttpRequestBase request, Uri originalRequestUrl)
-        {
-            if (//check back office
-                request.Url.IsBackOfficeRequest(HttpRuntime.AppDomainAppVirtualPath)
-                //check installer
-                || request.Url.IsInstallerRequest()
-                //detect in preview
-                || (request.HasPreviewCookie() && request.Url != null && request.Url.AbsolutePath.StartsWith(IOHelper.ResolveUrl(SystemDirectories.Umbraco)) == false))
-            {
-                return true;
-            }
-            return false;
-        }
-
-        private static readonly ConcurrentHashSet<string> IgnoreTicketRenewUrls = new ConcurrentHashSet<string>(); 
-        /// <summary>
-        /// Determines if the authentication ticket should be renewed with a new timeout
-        /// </summary>
-        /// <param name="url"></param>
-        /// <param name="httpContext"></param>
-        /// <returns></returns>
-        /// <remarks>
-        /// We do not want to renew the ticket when we are checking for the user's remaining timeout unless -
-        /// UmbracoConfig.For.UmbracoSettings().Security.KeepUserLoggedIn == true
-        /// </remarks>
-        internal static bool ShouldIgnoreTicketRenew(Uri url, HttpContextBase httpContext)
-        {
-            //this setting will renew the ticket for all requests.
-            if (UmbracoConfig.For.UmbracoSettings().Security.KeepUserLoggedIn)
-            {
-                return false;
-            }
-
-            //initialize the ignore ticket urls - we don't need to lock this, it's concurrent and a hashset
-            // we don't want to have to gen the url each request so this will speed things up a teeny bit.
-            if (IgnoreTicketRenewUrls.Any() == false)
-            {                
-                var urlHelper = new UrlHelper(new RequestContext(httpContext, new RouteData()));
-                var checkSessionUrl = urlHelper.GetUmbracoApiService<AuthenticationController>(controller => controller.GetRemainingTimeoutSeconds());
-                IgnoreTicketRenewUrls.Add(checkSessionUrl);
-            }
-
-            if (IgnoreTicketRenewUrls.Any(x => url.AbsolutePath.StartsWith(x)))
-            {
-                return true;
-            }
-
-            return false;            
-        }
-
+        
 		/// <summary>
 		/// Checks the current request and ensures that it is routable based on the structure of the request and URI
 		/// </summary>		
@@ -364,15 +281,23 @@ namespace Umbraco.Web
 			return false;
 		}
 
+	    private bool _notConfiguredReported;
+
 		// ensures Umbraco is configured
 		// if not, redirect to install and return false
 		// if yes, return true
-	    private static bool EnsureIsConfigured(HttpContextBase httpContext, Uri uri)
+	    private bool EnsureIsConfigured(HttpContextBase httpContext, Uri uri)
 	    {
 	        if (ApplicationContext.Current.IsConfigured)
 	            return true;
 
-            LogHelper.Warn<UmbracoModule>("Umbraco is not configured");
+	        if (_notConfiguredReported)
+	        {
+                // remember it's been reported so we don't flood the log
+                // no thread-safety so there may be a few log entries, doesn't matter
+                _notConfiguredReported = true;
+                LogHelper.Warn<UmbracoModule>("Umbraco is not configured");
+            }
 
 			var installPath = UriUtility.ToAbsolute(SystemDirectories.Install);
 			var installUrl = string.Format("{0}/?redir=true&url={1}", installPath, HttpUtility.UrlEncode(uri.ToString()));
@@ -404,6 +329,9 @@ namespace Umbraco.Web
             {
                 response.StatusCode = 404;
                 response.TrySkipIisCustomErrors = UmbracoConfig.For.UmbracoSettings().WebRouting.TrySkipIisCustomErrors;
+
+                if (response.TrySkipIisCustomErrors == false)
+                    LogHelper.Warn<UmbracoModule>("Status code is 404 yet TrySkipIisCustomErrors is false - IIS will take over.");          
             }
 
             if (pcr.ResponseStatusCode > 0)
@@ -545,6 +473,26 @@ namespace Umbraco.Web
                     BeginRequest(new HttpContextWrapper(httpContext));
 				};
 
+            //disable asp.net headers (security)
+            // This is the correct place to modify headers according to MS: 
+            // https://our.umbraco.org/forum/umbraco-7/using-umbraco-7/65241-Heap-error-from-header-manipulation?p=0#comment220889
+		    app.PostReleaseRequestState += (sender, args) =>
+		    {
+                var httpContext = ((HttpApplication)sender).Context;
+                try
+                {
+                    httpContext.Response.Headers.Remove("Server");
+                    //this doesn't normally work since IIS sets it but we'll keep it here anyways.
+                    httpContext.Response.Headers.Remove("X-Powered-By");
+                    httpContext.Response.Headers.Remove("X-AspNet-Version");
+                    httpContext.Response.Headers.Remove("X-AspNetMvc-Version");
+                }
+                catch (PlatformNotSupportedException ex)
+                {
+                    // can't remove headers this way on IIS6 or cassini.
+                }
+		    };
+
             app.PostResolveRequestCache += (sender, e) =>
 				{
 					var httpContext = ((HttpApplication)sender).Context;
@@ -565,21 +513,6 @@ namespace Umbraco.Web
 					DisposeHttpContextItems(httpContext);
 				};
 
-            //disable asp.net headers (security)
-		    app.PreSendRequestHeaders += (sender, args) =>
-		        {
-                    var httpContext = ((HttpApplication)sender).Context;
-					try
-					{
-						httpContext.Response.Headers.Remove("Server");
-						//this doesn't normally work since IIS sets it but we'll keep it here anyways.
-						httpContext.Response.Headers.Remove("X-Powered-By");
-					}
-					catch (PlatformNotSupportedException ex)
-					{
-						// can't remove headers this way on IIS6 or cassini.
-					}
-		        };
 		}
 
 		public void Dispose()