Hello, We are using Tomcat 6.x version and we need to implement the following headers in our environment.
Headers: 1) Strict-Transport-Security 2) Content-Security-Policy 3) Public-Key-Pins 4) X-Frame-Options 5) X-XSS-Protection 6) X-Content-Type-Options 7) X-Robots-Tag When I checked the Tomcat 6 version webpage (https://tomcat.apache.org/tomcat-6.0-doc/config/filter.html), I don't see any filters that implement any these headers. Some of them are available in Tomcat 7 version webpage (https://tomcat.apache.org/tomcat-7.0-doc/config/filter.html), but we cannot upgrade to Tomcat 7.x version due to some constraints. Can you kindly guide me how to implement these headers in Tomcat 6.x version. All your comments on this topic are welcome. Kind Regards, Mohammad Nayeem ________________________________ This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. ______________________________________________________________________________________ www.accenture.com