Web security enhancements
The httpd
server configuration is updated to append certain web API
headers.
The following headers are added to the web APIs for improved security in web clients:
Content-Security-Policy
X-Content-Type-Options
X-XSS-Protection
HTTP Strict-Transport-Security
These headers are appended to all the web API requests.