How to set X

2018-06-16 04:02:11

I am getting below alerts when we test our URL on ZAP tool:

X-Frame - Options Header Not Set

Web Browser XSS Protection Not Enabled

X-Content-Type - Options Header Missing

We have successfully set X-Frame-options and X-content type-options in REST and Servlet calls. But don't know how to set those in html and Javascripts?

can anyone suggest the solution.

The X-Frame-Options header is added on the server-side, not the client. This is because the header is used to control how the browser should render the page.

Whatever server is hosting your file would have to add this header. From here

链接地址: http://www.djcxy.com/p/45804.html

上一篇: 从.NET 3.5 WCF Web服务（REST）返回JSON和XML格式

下一篇: 如何设置X