From 0899720f168c09d037e577109d7cab665fe1fb91 Mon Sep 17 00:00:00 2001 From: vasraz Date: Tue, 4 Oct 2022 18:16:26 +0100 Subject: Fix bug 'X-Frame-Options not configured: Lack of clickjacking protection' Add new Filter (ContentSecurityPolicyHeaderFilter) Signed-off-by: Vasyl Razinkov Change-Id: Ic8151df64e4b95b3d59b44a5f74dd12210f55e87 Issue-ID: SDC-4192 --- .../notifications-fe/src/main/webapp/WEB-INF/web.xml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF') diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml index 9191a35786..b51399ca54 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml @@ -4,7 +4,6 @@ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0"> - contextConfigLocation @@ -15,6 +14,16 @@ org.openecomp.server.listeners.OnboardingAppStartupListener + + contentSecurityPolicyHeaderFilter + org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilter + true + + + contentSecurityPolicyHeaderFilter + /* + + cross-origin org.eclipse.jetty.servlets.CrossOriginFilter -- cgit 1.2.3-korg