Log in
Skip to sidebar
Skip to main content
Linked Applications
Loading…
Apache Software Foundation
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
What’s new
Available Gadgets
About Confluence
Log in
OFBiz Project Open Wiki
Pages
Space shortcuts
How-to articles
Child pages
Keeping OFBiz secure
How to Secure HTTP Headers
Browse pages
Configure
Space tools
View Page
A
t
tachments (1)
Page History
Page Information
View in Hierarchy
View Source
Delete comments
Export to PDF
Export to Word
Copy Page Tree
Pages
…
Home
Documentation
Technical Documentation
Keeping OFBiz secure
How to Secure HTTP Headers
Page Information
Title:
How to Secure HTTP Headers
Author:
Jacques Le Roux
Dec 12, 2015
Last Changed by:
Jacques Le Roux
Oct 20, 2017
Tiny Link:
(useful for email)
https://cwiki.apache.org/confluence/x/4tqnAw
Export As:
Word
·
PDF
Incoming Links
OFBiz Project Open Wiki (1)
Page:
Keeping OFBiz secure
Hierarchy
Parent Page
Page:
Keeping OFBiz secure
Labels
There are no labels assigned to this page.
Recent Changes
Time
Editor
Oct 20, 2017 08:06
Jacques Le Roux
View Changes
Adds a summary
Oct 20, 2017 08:04
Jacques Le Roux
View Changes
Adds a Content Security Policy
Oct 19, 2017 09:26
Jacques Le Roux
View Changes
Adds Referrer-Policy
Oct 19, 2017 08:51
Jacques Le Roux
View Changes
Adds Public-Key-Pins-Report-Only (though stuff)
Oct 18, 2017 13:41
Jacques Le Roux
WIP...
View Page History
Outgoing Links
External Links (29)
https://en.wikipedia.org/wiki/Internet_Explorer
https://www.owasp.org/index.php/HTTP_Strict_Transport_Secur…
https://tomcat.apache.org/tomcat-7.0-doc/security-howto.htm…
https://securityheaders.io/
https://www.owasp.org/index.php/Testing_for_cookies_attribu…
www.troyhunt.com/2015/06/understanding-http-strict-transpor…
https://wiki.mozilla.org/Security/Guidelines/Web_Security#C…
https://scotthelme.co.uk/content-security-policy-an-introdu…
https://www.owasp.org/index.php/HttpOnly
https://www.owasp.org/index.php/Clickjacking
https://en.wikipedia.org/wiki/Google_Chrome
https://issues.apache.org/jira/browse/OFBIZ-6766?focusedCom…
https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_…
https://bugzilla.mozilla.org/show_bug.cgi?id=471020
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Securit…
https://wiki.mozilla.org/Security/Features/XSS_Filter
https://s.apache.org/Pggc
www.browserscope.org/?category=security
https://bugzilla.mozilla.org/show_bug.cgi?id=528661
blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-c…
https://hstspreload.appspot.com/
https://csp.withgoogle.com/docs/adopting-csp.html
https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
https://raymii.org/s/tutorials/HTTP_Strict_Transport_Securi…
https://content-security-policy.com/
https://blog.appcanary.com/2017/http-security-headers.html
https://tomcat.apache.org/migration-7.html#Session_cookie_c…
https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-O…
https://mail-archives.apache.org/mod_mbox/tomcat-users/2015…
OFBiz Project Open Wiki (1)
Page:
How to Secure HTTP Headers
Overview
Content Tools
Apps
{"serverDuration": 102, "requestCorrelationId": "c73fb9965adc2118"}
