Added security filters to jaggery.conf

components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/jaggery.conf

@@ -66,24 +66,39 @@
     },
   "filters": [
     {
-      "name": "URLBasedCachePreventionFilter",
+            "name": "ContentTypeBasedCachePreventionFilter",
-      "class": "org.wso2.carbon.ui.filters.cache.URLBasedCachePreventionFilter"
+            "class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter",
+            "params" : [
+                {"name" : "patterns", "value" : "text/html\" ,application/json\" ,text/plain"},
+                {"name" : "filterAction", "value" : "enforce"},
+                {"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"}
+            ]
     },
     {
       "name":"HttpHeaderSecurityFilter",
       "class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",
       "params" : [{"name" : "hstsEnabled", "value" : "false"}]
+    },
+    {
+        "name" : "CSRFGuard",
+        "class" : "org.owasp.csrfguard.CsrfGuardFilter"
     }
+
   ],
   "filterMappings": [
-    {
-      "name": "URLBasedCachePreventionFilter",
-      "url": "/api/*"
-    },
     {
       "name":"HttpHeaderSecurityFilter",
        "url":"*"
+    },
+    {
+        "name" : "CSRFGuard",
+        "url" : "/*"
+    },
+    {
+        "name":"ContentTypeBasedCachePreventionFilter",
+        "url":"*"
     }
+
   ],
   "listeners" : [
       {
@@ -108,7 +123,7 @@
     "contextParams" : [
       {
         "name" : "Owasp.CsrfGuard.Config",
-        "value" : "/repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
+        "value" : "repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
       }
     ]
 }