Created
June 15, 2016 16:35
-
-
Save jauderho/26e85241901fa8109e5c83b23ab674b5 to your computer and use it in GitHub Desktop.
Tomcat HTTP Security Headers & Expires
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <filter-mapping> | |
| <filter-name>httpHeaderSecurity</filter-name> | |
| <url-pattern>/*</url-pattern> | |
| <dispatcher>REQUEST</dispatcher> | |
| </filter-mapping> | |
| <filter> | |
| <filter-name>httpHeaderSecurity</filter-name> | |
| <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class> | |
| <init-param> | |
| <param-name>hstsEnabled</param-name> | |
| <param-value>true</param-value> | |
| </init-param> | |
| </filter> | |
| <filter> | |
| <filter-name>httpHeaderSecurity</filter-name> | |
| <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class> | |
| <init-param> | |
| <param-name>hstsMaxAgeSeconds</param-name> | |
| <param-value>31536000</param-value> | |
| </init-param> | |
| </filter> | |
| <filter> | |
| <filter-name>httpHeaderSecurity</filter-name> | |
| <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class> | |
| <init-param> | |
| <param-name>hstsIncludeSubDomains</param-name> | |
| <param-value>true</param-value> | |
| </init-param> | |
| </filter> | |
| <filter> | |
| <filter-name>httpHeaderSecurity</filter-name> | |
| <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class> | |
| <init-param> | |
| <param-name>antiClickJackingEnabled</param-name> | |
| <param-value>true</param-value> | |
| </init-param> | |
| </filter> | |
| <filter> | |
| <filter-name>httpHeaderSecurity</filter-name> | |
| <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class> | |
| <init-param> | |
| <param-name>antiClickJackingOption</param-name> | |
| <param-value>SAMEORIGIN</param-value> | |
| </init-param> | |
| </filter> | |
| <filter> | |
| <filter-name>httpHeaderSecurity</filter-name> | |
| <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class> | |
| <init-param> | |
| <param-name>blockContentTypeSniffingEnabled</param-name> | |
| <param-value>true</param-value> | |
| </init-param> | |
| </filter> | |
| <filter> | |
| <filter-name>httpHeaderSecurity</filter-name> | |
| <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class> | |
| <init-param> | |
| <param-name>xssProtectionEnabled</param-name> | |
| <param-value>true</param-value> | |
| </init-param> | |
| </filter> | |
| <filter-mapping> | |
| <filter-name>expiresFilter</filter-name> | |
| <url-pattern>/*</url-pattern> | |
| <dispatcher>REQUEST</dispatcher> | |
| </filter-mapping> | |
| <filter> | |
| <filter-name>expiresFilter</filter-name> | |
| <filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class> | |
| <init-param> | |
| <param-name>ExpiresByType image</param-name> | |
| <param-value>modification plus 30 days</param-value> | |
| </init-param> | |
| <init-param> | |
| <param-name>ExpiresByType text/css</param-name> | |
| <param-value>modification plus 30 days</param-value> | |
| </init-param> | |
| <init-param> | |
| <param-name>ExpiresByType text/html</param-name> | |
| <param-value>modification plus 30 days</param-value> | |
| </init-param> | |
| <init-param> | |
| <param-name>ExpiresByType application/javascript</param-name> | |
| <param-value>modification plus 30 days</param-value> | |
| </init-param> | |
| <init-param> | |
| <param-name>ExpiresExcludedResponseStatusCodes</param-name> | |
| <param-value>302, 500, 503</param-value> | |
| </init-param> | |
| </filter> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment