tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Vargas M." <alejandro.var...@kymsolutions.com>
Subject security headers
Date Wed, 01 Nov 2017 19:37:31 GMT
Hello,

     I recently used on web.xml

    <filter>
         <filter-name>httpHeaderSecurity</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>


         <async-supported>true</async-supported>
     </filter>

     <filter-mapping>
         <filter-name>httpHeaderSecurity</filter-name>
         <url-pattern>/*</url-pattern>
     </filter-mapping>

to enable some security headers, but it won't enable Content Security 
Policy header. Is there anyway to enable Content Security Policy at top 
server level???

Thanks in advance.

-- 

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message