Hello Cesar,
Are you talking about security header like these? I usually confgure this type of security headers at Web server/Proxy level.
- Strict-Transport-Security
- Content-Security-Policy
- X-XSS-Protection
- X-Frame-Options "SAMEORIGIN";
- X-Content-Type-Options nosniff;
- Referrer-Policy "strict-origin";
- Permissions-Policy
Regards,
------------------------------
Gabriel Aberasturi
Versia tecnologias emergentes
------------------------------
Original Message:
Sent: Fri May 20, 2022 03:51 PM
From: Cesar Garcia
Subject: Setting Security Headers on WAS 7
I've been searching for a way to update security headers for a ear/war application hosted on WAS 7. I don't have IBM Http Server available to me. I was wondering if the only way to set the Security Headers is through the ear/war application. Any assistance or directing or resource would be appreciated.
------------------------------
Cesar Garcia
------------------------------