Question

How to set a HTTP Header

0

For security reasons I need to set the HTTP Header : X-Content-Type-Options=nosniff on all pages. Where in Mendix can I set these kinds of headers?

asked 2020-07-22

Martin van Dijk

1 answers

Tim v Steenbergen · Accepted Answer · 2020-07-23

A bit more context would help. I assume you are consuming a REST-call here. in that case you add the header in the call-rest-activity.

*Editted* Ah, You are trying to implement this on your website. I have tested if Mendix has implemented this by default: https://gf.dev/tests/mqtllqyrz5t. Apparently not.

Here is a description of how to implement no-sniff protection: https://geekflare.com/http-header-implementation/. It needs to be done on the server. Since your server-manager is Mendix (again: I assume this) you best contact your CSM, customer support manager, at Mendix and ask for the possibilities.