Added security filters to jaggery.conf

revert-70aa11f8
Maninda 8 years ago
parent 810bd1d2ad
commit 4fbab80782

@ -66,24 +66,39 @@
},
"filters": [
{
"name": "URLBasedCachePreventionFilter",
"class": "org.wso2.carbon.ui.filters.cache.URLBasedCachePreventionFilter"
"name": "ContentTypeBasedCachePreventionFilter",
"class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter",
"params" : [
{"name" : "patterns", "value" : "text/html\" ,application/json\" ,text/plain"},
{"name" : "filterAction", "value" : "enforce"},
{"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"}
]
},
{
"name":"HttpHeaderSecurityFilter",
"class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",
"params" : [{"name" : "hstsEnabled", "value" : "false"}]
},
{
"name" : "CSRFGuard",
"class" : "org.owasp.csrfguard.CsrfGuardFilter"
}
],
"filterMappings": [
{
"name": "URLBasedCachePreventionFilter",
"url": "/api/*"
},
{
"name":"HttpHeaderSecurityFilter",
"url":"*"
},
{
"name" : "CSRFGuard",
"url" : "/*"
},
{
"name":"ContentTypeBasedCachePreventionFilter",
"url":"*"
}
],
"listeners" : [
{
@ -108,7 +123,7 @@
"contextParams" : [
{
"name" : "Owasp.CsrfGuard.Config",
"value" : "/repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
"value" : "repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
}
]
}
Loading…
Cancel
Save