Hi, On Wed, Sep 9, 2020 at 8:54 PM Nitin Kadam <nitinkadam1...@gmail.com> wrote:
> Hi All, > > Need to set the *Content security policy* header for Tomcat Web server > (8.5..x) which hosted on Windows server 2012, As per the internal security > team same is not a complaint > can you please help me setting CSP filters for my Tomcat application > hosted on windows server. > You can use javax.servlet.Filter to add such custom headers. See https://github.com/apache/tomcat/blob/53c304ad1f65a09c921c40e03a115de438f6c68a/java/org/apache/catalina/filters/HttpHeaderSecurityFilter.java for inspiration. More about Filters you can read in the web, e.g. https://www.tutorialspoint.com/servlets/servlets-writing-filters.htm > > below the screenshot from securityheaders.com > > [image: image.png] > > -- > Regards > Nitin Kadam > >