Add X-Frame response headers... Brocade to Kemp


I am trying to add the following to comply with ASV ..  Brocade uses scripting, trying to decipher for Kemp X-15 ...  any help is appreciated
http.addResponseHeader( "X-Frame-Options", "SAMEORIGIN" );
http.addResponseHeader( "X-XSS-Protection", "1; mode=block" );
http.addResponseHeader( "X-Content-Type-Options", "nosniff" );
http.addResponseHeader( "Content-Security-Policy", "" );
http.addResponseHeader( "Strict-Transport-Security", "max-age=31536000; includeSubDomains" );

1 comment

Nick Smylie Official comment

Hi Chuck,

You will need to first create the rule under Rules & Checking > Content rules, image below.

Next you will need to assign that rule to any virtual service(VS).  You do this under advanced properties > HTTP Header Modifications > Add response rule.  You will need to create a different content rule per header.  And you will also need to add these headers in on every VS you need the headers injected in.