My Oracle Support Banner

Is the HTTP Content-Security-Policy (CSP) frame-ancestors Directive Supported in Oracle GlassFish Server (Doc ID 2591462.1)

Last updated on JULY 03, 2020

Applies to:

Oracle GlassFish Server - Version 2.1.1 to 3.1.2 [Release 2.1 to 3.1]
Information in this document applies to any platform.

Goal

Is the HTTP Content-Security-Policy (CSP) frame-ancestors directive supported in Oracle GlassFish Server?

For example:

((HttpServletResponse)response).addHeader("X-Frame-Options", "deny");
  ((HttpServletResponse)response).addHeader("Content-Security-Policy", "frame-ancestors 'none'");

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.