My Oracle Support Banner

Argus Safety Recommended IIS Security Parameters for HTTP Response Headers 'Strict-Transport-Security' and 'X-XSS-Protection' (Doc ID 2852973.1)

Last updated on MARCH 03, 2022

Applies to:

Oracle Argus Safety - Version 8.2.1 and later
Information in this document applies to any platform.


Documentation of good configuration practices for Strict-Transport-Security and X-XSS-Protection that are recommended to be applied for preventive purposes.  These are non-critical parameters and their implementation is optional.

For further information, please refer to:

Strict-Transport-Security Strict-Transport-Security - HTTP | MDN (

X-XSS-Protection X-XSS-Protection - HTTP | MDN (



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.