-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nitin,
On 10/3/19 09:54, Nitin Kadam wrote: > Hell All, > > Internal security team recommended to set *Content security policy* > header for Web server as same is not complaint with security > standard. can you please help me setting CSP filters for my Tomcat > application hosted on windows server. Do you know the value you want to use for your CSP header? Enabling the header can be done in a number of ways, including using http://tomcat.apache.org/tomcat-9.0-doc/rewrite.html - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl2WajgACgkQHPApP6U8 pFg9VxAAuhUwoIwgFmT23ynF/DNJxVaHVcIpu3v6ekHOE59T8mL4wd6s8356nw7G tR19Q8S8aiRNiPWIfa9N5Ifis2p9KCJVCxck9PPxzqCVYM2wLaBWIzyoJz3GRQ4S hDLdEhGJYEDUY6Oc1LLaa/ZhFz6+cb03NXRtmMT+ynVyO1w3BgL9+DbRhbqdbEd2 SeFlAQTudakOcHe1nfy5r0pyaoGAVcPp5G6vLLtanWTPSpe2lWlRlW3Y6UAPFYBz g2iNoIfsvIUR4sGcHcJXQZZ4hPFCvmOdziCXx1duG3P2ki4HZ11Zn3FyqfexCAwb 7Di1f7m0kIZ52b/a6gDagZ5zg3FPKkDw4esW7ml0Bm73va4yD0hmg7Pv/nBIalcI hNOl0fxpPnuq/XzfCzZM8ep7MweHD9U0xDnQQ6nVdLz8HjbM0fvUxe375brASGcT KuCC3xqLy2xokVwNN+AAi5ccsOB+b5hPzF69XT4DlvZszTuwsYpIFCudfvVY/Zzk SSogvNDGF5ERll7xVS6//NguwPfMFzeS7v01AtP+ojf6Bl4c6jEoH8mEgckTaVyR R5kX9yeDOwnA2Q8DHOw32R748UcfoErophkGLbqpuS3uHIkQQQA0UuWgFWZHDUfl H2DBkFtDmlCLQR4m8F6WCbANsllZvf9LQBfsysCDb66CvMep9wQ= =oC/r -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
