Convergence And Application Hardening
(Doc ID 2498933.1)
Last updated on JULY 07, 2021
Applies to:Oracle Communications Convergence - Version 3.0.1 and later
Information in this document applies to any platform.
Questions based around following Glassfish documents:
As part of web application hardening, guidance is required on where in the Convergence configuration/files, following items can be added:
- Remove/invalidate/constrain the HTTP OPTIONS and HTTP DELETE methods.
- Add custom HTTP response headers & values for security headers such as Strict-Transport-Security, Content-Security-Policy, X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, and Referrer-Policy.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document