Skip to content
Commit 03dad8af authored by abirembaut's avatar abirembaut Committed by GitHub
Browse files

fix(HTTP headers): enforce X-Content-Type and X-Frame headers on (#650)

platform

- support empty config exclude pattern to override default
- remove X-XSS-Protection as IE is no longer supported
- separate X-Content-Type-Options and X-Frame-Options into different
servlet filter
- support exclusion pattern and configurable header values (in web.xml)

Relates to [BPO-664](https://bonitasoft.atlassian.net/browse/BPO-664)
parent 93d29ffb
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment