Skip to main content
Skip table of contents

Secure HTTP Gateway headers

Secure HTTP headers in application session responses can be added on the gateways, which can help to protect users of the application.

There is no direct security impact associated without the headers, but supporting them aids in achieving security in depth.

Adjust http.conf on the Gateway:

CODE 
Header set Cross-Origin-Embedder-Policy "require-corp"
Header set Cross-Origin-Opener-Policy "same-origin"
Header set Permissions-Policy "geolocation=(self), camera=()"
Header set X-Permitted-Cross-Domain-Policies "none"

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close