Forum Discussion
visual2008_3086
Oct 17, 2017Nimbostratus
HTTP header X-XSS-Protection, X-Content-Type-Options issue
I am trying to insert the HTTP header X-XSS-Protection, X-Content-Type-Options in order to mitigate a security vunerability. I have found an irule solution, but when I implemented the solution, a cod...
Jad_Tabbara__J1
Oct 17, 2017Cirrostratus
Hey
I've only corrected you syntax
when HTTP_RESPONSE {
if { ! [HTTP::header exists "X-Content-Type-Options"] } {
HTTP::header insert "X-Content-Type-Options" "'nosniff'"
}
if { ! [HTTP::header exists "X-XSS-Protection"] } {
HTTP::header insert "X-XSS-Protection" "1; mode=block"
}
}
Now you should be able to create it.
Please give me a feedback
Regards
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects