fix(HTTP headers): enforce X-Content-Type and X-Frame headers on (#650)
platform - support empty config exclude pattern to override default - remove X-XSS-Protection as IE is no longer supported - separate X-Content-Type-Options and X-Frame-Options into different servlet filter - support exclusion pattern and configurable header values (in web.xml) Relates to [BPO-664](https://bonitasoft.atlassian.net/browse/BPO-664)
Please register or sign in to comment