How To articles are not official guidelines or officially supported documentation. They are community-contributed content and may not always reflect the latest updates to Liferay DXP. We welcome your feedback to improve How To articles!
While we make every effort to ensure this Knowledge Base is accurate, it may not always reflect the most recent updates or official guidelines.We appreciate your understanding and encourage you to reach out with any feedback or concerns.
# # Set this to true for the portal to send the "X-Frame-Options: DENY" HTTP # header to protect against clickjacking. # # Custom HTTP header values instead of "DENY" can be specified per URL via # the properties "http.header.secure.x.frame.options.*". # http.header.secure.x.frame.options=true
# # Set this to nonempty value for the portal to send the "X-XSS-Protection" # HTTP header to block cross-site scripting attacks. Possible nonempty # values are "0", "1" and "1; mode=block" # http.header.secure.x.xss.protection=1
# # Set this to true for the portal to send the "X-Content-Type-Options: # nosniff" HTTP header to protect against MIME sniffing. Custom URLs can # specified in the property # "http.header.secure.x.content.type.options.urls.excludes" that allow for # unhindered MIME sniffing. # http.header.secure.x.content.type.options=true
