Dear support team
I config tomcat server to enabled HSTS some request URI path not response
with Secure heading
The configuration illustrated below
<filter>
<filter-name>httpHeaderSecurity</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<async-supported>true</async-supported>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>hstsIncludeSubDomains</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>hstsMaxAgeSeconds</param-name>
<param-value>31536000</param-value>
</init-param>
<init-param>
<param-name>antiClickJackingEnabled</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>antiClickJackingOption</param-name>
<param-value>SAMEORIGIN</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>httpHeaderSecurity</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
I some request URI such as http://192.168.1.1/%20 is not response with
security hedering
this is working
[image: image.png]
this not working
[image: image.png]
Please suggest me to solve this problem.
Thank you.
Regards.
*ปฐวี สรรค์ชลPattavee SANCHOL*
* <http://www.thaidigitalid.com> *
*Thai Digital ID CO.,LTD. <http://www.thaidigitalid.com>*
319, 25th Floor, Room 10-11, Chamchuri Square Building,
Phayathai Road, Phathum Wan, Bangkok
Thailand 10330
Tel : +66-029-0290 ext. 3317
E-mail : [email protected]
--
