Uploaded image for project: 'Confluence Cloud'
  1. Confluence Cloud
  2. CONFCLOUD-30356

Convert the SecurityHeadersInterceptor into a filter that applies to /*

    XMLWordPrintable

Details

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion.

      The X-XSS-Protection HTTP header should be sent on all responses with a value of "1; mode=block". As the current implementation is done in an interceptor(0) it is possible for some resources to be sent without the X-XSS-Protection header.

      (0) SecurityHeadersInterceptor is in the default interceptor stack.

      Attachments

        Issue Links

          is related to

          Suggestion - CONFSERVER-30356 Convert the SecurityHeadersInterceptor into a filter that applies to /*

          • Closed

          Activity

            People

              dblack David Black
              dblack David Black
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: