How to set a HTTP Header
0
For security reasons I need to set the HTTP Header : X-Content-Type-Options=nosniff on all pages. Where in Mendix can I set these kinds of headers?
asked
Martin van Dijk
2 answers
1
This can be done easily in sprinter under environments > Details > Network > HTTP Headers:
answered
Michiel Bijlsma
1
A bit more context would help. I assume you are consuming a REST-call here. in that case you add the header in the call-rest-activity.
*Editted* Ah, You are trying to implement this on your website. I have tested if Mendix has implemented this by default: https://gf.dev/tests/mqtllqyrz5t. Apparently not.
Here is a description of how to implement no-sniff protection: https://geekflare.com/http-header-implementation/. It needs to be done on the server. Since your server-manager is Mendix (again: I assume this) you best contact your CSM, customer support manager, at Mendix and ask for the possibilities.
answered
Tim v Steenbergen