Security fixes on tomcat

srilinux09

New Member
X-Frame-Options:
Apache: Header always append X-Frame-Options SAMEORIGIN

Please suggest which file need to be updated for standalone tomcat 8 plus version.
I have edited this on web.xml but still, scans show the issue is still existing.
 


srilinux09

New Member
Hey there - welcome to the forum.

Have you restarted tomcat/apache after editing the files?

Thank you for the reply
yes I restarted and did OS aswell

I will provide the solution below in detail

Under tomcat conf folder - edit web.xml and add below lines - then restart OS
<init-param>
<param-name>antiClickJackingEnabled</param-name>
<param-value>true</param-value>
</init-param>
 

Members online


Top