Hello,
I recently used on web.xml
<filter>
<filter-name>httpHeaderSecurity</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
<filter-name>httpHeaderSecurity</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
to enable some security headers, but it won't enable Content Security
Policy header. Is there anyway to enable Content Security Policy at top
server level???
Thanks in advance.
--
