X-Frame-Options header missing 漏洞修复

数据库 2025-04-08 07:28
0 阅读

解决办法:在tomcat服务器的conf/web.xml 增加过滤器

<filter>
		<filter-name>httpHeaderSecurity</filter-name>
		<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
		<init-param>
			<param-name>antiClickJackingEnabled</param-name>
			<param-value>true</param-value>
		</init-param>
		<init-param>
			<param-name>antiClickJackingOption</param-name>
			<param-value>SAMEORIGIN</param-value>
		</init-param>
		<async-supported>true</async-supported>
	</filter>
	<filter-mapping>
		<filter-name>httpHeaderSecurity</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

2.

猜你喜欢

目录

热门文章