[Bug 58735] New: Add support for X-XSS-Protection header

bugzilla Mon, 14 Dec 2015 10:10:25 -0800

https://bz.apache.org/bugzilla/show_bug.cgi?id=58735


            Bug ID: 58735
           Summary: Add support for X-XSS-Protection header
           Product: Tomcat 9
           Version: 9.0.0.M1
          Hardware: All
                OS: All
            Status: NEW
          Severity: minor
          Priority: P2
         Component: Catalina
          Assignee: [email protected]
          Reporter: [email protected]

Created attachment 33349
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=33349&action=edit
The patch that implements this feature.

The Tomcat's HttpHeaderSecurityFilter allows to set useful security related
headers but it doesn't support the X-XSS-Protection header:
https://www.owasp.org/index.php/List_of_useful_HTTP_headers

The attached patch enhance the filter to support this header.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[Bug 58735] New: Add support for X-XSS-Protection header

Reply via email to