Hi Yemi,
You may implement servlet filters to insert these security headers before the
responses reaches the client. I hope this helps.
Ike
-Original Message-
From: Olayemi Olatunji
Sent: Tuesday, March 26, 2019 3:37 AM
To: users@tomcat.apache.org
Subject: Setting headers in tomcat 9
Hi Olayemi,
Am 26.03.2019 09:36, schrieb Olayemi Olatunji:
Hello,
I'm deploying an application on Tomcat 9 which a client has requested
we conduct vulnerability test on.
The test came back with missing headers for the following:
Content-Security-Policy, X-Frame-Options, X-XSS-Protection,
X-Con
Hello,
I'm deploying an application on Tomcat 9 which a client has requested we
conduct vulnerability test on.
The test came back with missing headers for the following:
Content-Security-Policy, X-Frame-Options, X-XSS-Protection,
X-Content-Type-Options, Referrer-Policy, Feature-Policy.
How c