在播放框架配置中添加安全标头
[英]Adding security headers in play framework configuration
问题描述
I am trying to add additional security headers in play framework configuration but my changes are not getting reflected. 
我试图在播放框架配置中添加其他安全标头,但我的更改未得到体现。 I read through the play documentation and it says the play.filters.headers only accept 5 pre-defined security headers. 我通读了播放文档,并说play.filters.headers仅接受5个预定义的安全头。
# Security headers filter configuration
headers {
# The X-Frame-Options header. If null, the header is not set.
frameOptions = "DENY"
# The X-XSS-Protection header. If null, the header is not set.
xssProtection = "1; mode=block"
# The X-Content-Type-Options header. If null, the header is not set.
contentTypeOptions = "nosniff"
# The X-Permitted-Cross-Domain-Policies header. If null, the header is not set.
permittedCrossDomainPolicies = "master-only"
# The Content-Security-Policy header. If null, the header is not set.
contentSecurityPolicy = "default-src 'self'"
}
Any idea how to do if i need to add additional headers in the configuration apart from the above 5 mentioned. 如果我需要在配置中添加上述5个标题以外的其他标头,该怎么办。
Play version is 2.2.3 播放版本为2.2.3
1 个解决方案
解决方案1
0 2016-02-10 23:10:38
Play's security headers filter isn't available for Play 2.2.x. Play的安全标头过滤器不适用于Play2.2.x。 It was first introduced with Play 2.3 它最初是在Play 2.3中引入的
You probably were looking at the latest (2.4.x at the time of writing this) docs. 您可能正在查看最新的文档(撰写本文时为2.4.x)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.