From 4d65bb704c7b5b41e7bbad4c0fa345352977512f Mon Sep 17 00:00:00 2001
From: sinthuja <sinthuja@wso2.com>
Date: Mon, 9 Oct 2017 08:49:15 +0530
Subject: [PATCH] Adding jaggery.conf to store.

---
 .../main/resources/store/public/jaggery.conf  | 84 +++++++++++++++++++
 1 file changed, 84 insertions(+)
 create mode 100755 components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/src/main/resources/store/public/jaggery.conf

diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/src/main/resources/store/public/jaggery.conf b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/src/main/resources/store/public/jaggery.conf
new file mode 100755
index 0000000000..5ff8eb120e
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/src/main/resources/store/public/jaggery.conf
@@ -0,0 +1,84 @@
+{
+  "welcomeFiles": [
+    "index.html"
+  ],
+  "urlMappings": [
+    {
+      "url": "/login",
+      "path": "/index.html"
+    },
+    {
+      "url": "/assets/apps",
+      "path": "/index.html"
+    }
+  ],
+  "listeners": [
+    {
+      "class": "org.owasp.csrfguard.CsrfGuardServletContextListener"
+    },
+    {
+      "class": "org.owasp.csrfguard.CsrfGuardHttpSessionListener"
+    }
+  ],
+  "servlets": [
+    {
+      "name": "JavaScriptServlet",
+      "class": "org.owasp.csrfguard.servlet.JavaScriptServlet"
+    }
+  ],
+  "servletMappings": [
+    {
+      "name": "JavaScriptServlet",
+      "url": "/csrf.js"
+    }
+  ],
+  "contextParams": [
+    {
+      "name": "Owasp.CsrfGuard.Config",
+      "value": "repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
+    }
+  ],
+  "filters": [
+    {
+            "name": "ContentTypeBasedCachePreventionFilter",
+            "class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter",
+            "params" : [
+                {"name" : "patterns", "value" : "text/html\" ,application/json\" ,text/plain"},
+                {"name" : "filterAction", "value" : "enforce"},
+                {"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"}
+            ]
+    },
+    {
+      "name": "HttpHeaderSecurityFilter",
+      "class": "org.apache.catalina.filters.HttpHeaderSecurityFilter",
+      "params": [
+        {
+          "name": "hstsEnabled",
+          "value": "false"
+        },
+        {
+          "name": "antiClickJackingOption",
+          "value": "SAMEORIGIN"
+        }
+      ]
+    },
+    {
+        "name" : "CSRFGuard",
+        "class" : "org.owasp.csrfguard.CsrfGuardFilter"
+    }
+  ],
+  "filterMappings": [
+    {
+      "name": "HttpHeaderSecurityFilter",
+      "url": "*"
+    },
+    {
+        "name" : "CSRFGuard",
+        "url" : "/*"
+    },
+    {
+        "name":"ContentTypeBasedCachePreventionFilter",
+        "url":"*"
+    }
+  ]
+}