If the technology is java/j2ee then you can implements some sort of servlet
filter where you can manipulate the HTTP response to add these headers for
each outgoing response. I believe other platforms like .Net should also
support similar feature to customize the request and response objects.
O
Hello,
Can someone please let me know if the following headers are compatible with
Tomcat 6.x version? If yes, then how do we enable them?
Headers:
1) Strict-Transport-Security
2) Content-Security-Policy
3) Public-Key-Pins
4) X-Frame-Options
5) X-XSS-Protection
6) X-Content-Type-Options
7) X-Rob
