From 8aed7c67a91c52cb751c3e2b56d0f74756e52415 Mon Sep 17 00:00:00 2001 From: Maninda Date: Mon, 16 Jan 2017 15:00:03 +0530 Subject: [PATCH] Added devicemgt web app configs to secure web app --- .../src/main/webapp/WEB-INF/web.xml | 37 +++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml index dc7eda629b..aa49482557 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml @@ -74,6 +74,43 @@ ApiOriginFilter org.wso2.carbon.device.mgt.jaxrs.ApiOriginFilter + + + HttpHeaderSecurityFilter + org.apache.catalina.filters.HttpHeaderSecurityFilter + + hstsEnabled + false + + + + + ContentTypeBasedCachePreventionFilter + org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter + + patterns + "text/html*","application/json*","text/plain*" + + + filterAction + enforce + + + httpHeaders + Cache-Control: no-store, no-cache, must-revalidate, private + + + + + HttpHeaderSecurityFilter + /* + + + + ContentTypeBasedCachePreventionFilter + /* + + ApiOriginFilter /*