CSCwe67174: Add common security response headers
ARUNANGSHU CHATTERJEE committed Apr 28, 2023
1 parent b9184df commit d7be1b1
Showing 1 changed file with 17 additions and 0 deletions.
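--- a/gateway/handler_error.go
+++ b/gateway/handler_error.go
@@ -153,6 +153,23 @@ func (e *ErrorHandler) HandleError(w http.ResponseWriter, r *http.Request, errMs
 response.Header.Add(headers.XGenerator, "Cisco Nexus Dashboard")
 }
 
+// Cisco Change - Add common security headers
+// Add HSTS Header
+w.Header().Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains")
+response.Header.Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains")
+
+// Add X-XSS Header
+w.Header().Set(headers.XXSSProtection, "1; mode=block")
+response.Header.Set(headers.XXSSProtection, "1; mode=block")
+
+// Add X-Content-Type-Options Header
+w.Header().Set(headers.XContentTypeOptions, "nosniff")
+response.Header.Set(headers.XContentTypeOptions, "nosniff")
+
+// Add X-Frame-Options Header
+w.Header().Set(headers.XFrameOptions, "SAMEORIGIN")
+response.Header.Set(headers.XFrameOptions, "SAMEORIGIN")
+
 // Close connections
 if e.Spec.GlobalConfig.CloseConnections {
 w.Header().Add(headers.Connection, "close")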
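Review bot: The `Strict-Transport-Security` header at the top of the added block is set on every error response regardless of transport and with a hard-coded `includeSubDomains`, so a deployment whose sibling subdomains are not all HTTPS-ready gets a one-year pin it cannot opt out of; browsers ignore HSTS received over plain HTTP, so sending it there adds nothing. Consider guarding it, e.g. `if r.TLS != nil { w.Header().Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains") }`, or driving the value from gateway configuration (if TLS is terminated upstream, `r.TLS` will be nil, so a config switch is likely the safer choice). `X-XSS-Protection: 1; mode=block` is also worth revisiting: the browser XSS auditor it controls has been removed from current browsers, and current OWASP guidance is to send `0` and rely on a Content-Security-Policy instead. These headers are added only in `HandleError`, whose body starts and ends outside the hunk, so whether non-error responses carry the same headers cannot be confirmed from this page.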
