[OCI-C LBaaS] How To Suppress Both "X-Frame-Options" and "Strict-Transport-Security" Headers in Oracle OCI-Classic Load Balancer
(Doc ID 2435410.1)
Last updated on FEBRUARY 25, 2019
Applies to:Oracle Compute Cloud Service - Version N/A to N/A
Information in this document applies to any platform.
With OCI-Classic Load Balancer as a Service (LBaaS), the string "HTTP Strict-Transport-Security" (HSTS) might be seen appended to an HTTP header. The goal of this document is to explain how to set an LBaaS policy to disable this HSTS response header.
HTTP Strict-Transport-Security (HSTS) is an industry standard, created to prevent man-in-the-middle attacks. See the following 3rd party links for more information on HSTS.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document