Adding security filters for websocket web.xml

2025-09-16 23:42:15 +00:00 · 2017-04-27 17:37:17 +05:30 · 2017-04-27 17:37:17 +05:30 · d1ee78eaed
commit d1ee78eaed
parent 1a91d1ddc0
1 changed files with 35 additions and 0 deletions
--- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket.endpoint/src/main/webapp/WEB-INF/web.xml
+++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket.endpoint/src/main/webapp/WEB-INF/web.xml
@ -21,4 +21,39 @@

 <web-app>
    <display-name>Output WebSocket</display-name>
+    <filter>
+        <filter-name>HttpHeaderSecurityFilter</filter-name>
+        <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
+        <init-param>
+            <param-name>hstsEnabled</param-name>
+            <param-value>false</param-value>
+        </init-param>
+    </filter>
+
+    <filter>
+        <filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
+        <filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
+        <init-param>
+            <param-name>patterns</param-name>
+            <param-value>text/html" ,application/json" ,text/plain</param-value>
+        </init-param>
+        <init-param>
+            <param-name>filterAction</param-name>
+            <param-value>enforce</param-value>
+        </init-param>
+        <init-param>
+            <param-name>httpHeaders</param-name>
+            <param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
+        </init-param>
+    </filter>
+
+    <filter-mapping>
+        <filter-name>HttpHeaderSecurityFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
+    <filter-mapping>
+        <filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
 </web-app>