Added security filters to jaggery.conf

4.x.x
Maninda 8 years ago
parent 810bd1d2ad
commit 4fbab80782

@ -66,24 +66,39 @@
}, },
"filters": [ "filters": [
{ {
"name": "URLBasedCachePreventionFilter", "name": "ContentTypeBasedCachePreventionFilter",
"class": "org.wso2.carbon.ui.filters.cache.URLBasedCachePreventionFilter" "class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter",
"params" : [
{"name" : "patterns", "value" : "text/html\" ,application/json\" ,text/plain"},
{"name" : "filterAction", "value" : "enforce"},
{"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"}
]
}, },
{ {
"name":"HttpHeaderSecurityFilter", "name":"HttpHeaderSecurityFilter",
"class":"org.apache.catalina.filters.HttpHeaderSecurityFilter", "class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",
"params" : [{"name" : "hstsEnabled", "value" : "false"}] "params" : [{"name" : "hstsEnabled", "value" : "false"}]
},
{
"name" : "CSRFGuard",
"class" : "org.owasp.csrfguard.CsrfGuardFilter"
} }
], ],
"filterMappings": [ "filterMappings": [
{ {
"name": "URLBasedCachePreventionFilter", "name":"HttpHeaderSecurityFilter",
"url": "/api/*" "url":"*"
},
{
"name" : "CSRFGuard",
"url" : "/*"
}, },
{ {
"name":"HttpHeaderSecurityFilter", "name":"ContentTypeBasedCachePreventionFilter",
"url":"*" "url":"*"
} }
], ],
"listeners" : [ "listeners" : [
{ {
@ -108,7 +123,7 @@
"contextParams" : [ "contextParams" : [
{ {
"name" : "Owasp.CsrfGuard.Config", "name" : "Owasp.CsrfGuard.Config",
"value" : "/repository/conf/security/Owasp.CsrfGuard.dashboard.properties" "value" : "repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
} }
] ]
} }
Loading…
Cancel
Save