Alex O'Ree created JSPWIKI-1237:
-----------------------------------
Summary: Add the OWASP recommended http response headers
Key: JSPWIKI-1237
URL: https://issues.apache.org/jira/browse/JSPWIKI-1237
Project: JSPWiki
Issue Type: New Feature
Reporter: Alex O'Ree
{{ Strict-Transport-Security: max-age=63072000; includeSubDomains; preload}}
{{ X-Frame-Options: DENY}}
{{ X-Content-Type-Options: nosniff}}
{{ Content-Security-Policy: default-src 'self'; script-src 'self'
'unsafe-inline'; style-src 'self'; img-src 'self';}}
{{ Referrer-Policy: no-referrer-when-downgrade}}
{{ X-Permitted-Cross-Domain-Policies: none}}
{{ Clear-Site-Data: "cookies", "storage"}}
{{ Cross-Origin-Embedder-Policy: require-corp}}
{{ Cross-Origin-Resource-Policy: same-origin}}{{}}{{I'll make them all
optional add ons. never know what might break things}}{{}}{{}}{{}}{{}}{{}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
