|
|
@ -98,6 +98,11 @@
|
|
|
|
{
|
|
|
|
{
|
|
|
|
"name": "URLBasedCachePreventionFilter",
|
|
|
|
"name": "URLBasedCachePreventionFilter",
|
|
|
|
"class": "org.wso2.carbon.ui.filters.cache.URLBasedCachePreventionFilter"
|
|
|
|
"class": "org.wso2.carbon.ui.filters.cache.URLBasedCachePreventionFilter"
|
|
|
|
|
|
|
|
},
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
"name":"HttpHeaderSecurityFilter",
|
|
|
|
|
|
|
|
"class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",
|
|
|
|
|
|
|
|
"params" : [{"name" : "hstsEnabled", "value" : "false"}]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
],
|
|
|
|
],
|
|
|
|
"filterMappings": [
|
|
|
|
"filterMappings": [
|
|
|
@ -108,6 +113,36 @@
|
|
|
|
{
|
|
|
|
{
|
|
|
|
"name": "URLBasedCachePreventionFilter",
|
|
|
|
"name": "URLBasedCachePreventionFilter",
|
|
|
|
"url": "/enrollment/*"
|
|
|
|
"url": "/enrollment/*"
|
|
|
|
|
|
|
|
},
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
"name":"HttpHeaderSecurityFilter",
|
|
|
|
|
|
|
|
"url":"*"
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
],
|
|
|
|
|
|
|
|
"listeners" : [
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
"class" : "org.owasp.csrfguard.CsrfGuardServletContextListener"
|
|
|
|
|
|
|
|
},
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
"class" : "org.owasp.csrfguard.CsrfGuardHttpSessionListener"
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
],
|
|
|
|
|
|
|
|
"servlets" : [
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
"name" : "JavaScriptServlet",
|
|
|
|
|
|
|
|
"class" : "org.owasp.csrfguard.servlet.JavaScriptServlet"
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
],
|
|
|
|
|
|
|
|
"servletMappings" : [
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
"name" : "JavaScriptServlet",
|
|
|
|
|
|
|
|
"url" : "/csrf.js"
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
],
|
|
|
|
|
|
|
|
"contextParams" : [
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
"name" : "Owasp.CsrfGuard.Config",
|
|
|
|
|
|
|
|
"value" : "/repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
]
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|
|
|
|