HTTP HeadersPDF version

Enable HTTP Security Headers

Provides information on HTTP security headers.

When Enable HTTP security headers is enabled, the following HTTP headers will be included in HTTP responses from servers:
  • X-XSS-Protection
  • X-DNS-Prefetch-Control
  • X-Frame-Options
  • X-Download-Options
  • X-Content-Type-Options

This property is enabled by default .

Disabling this property could leave your Cloudera Data Science Workbench deployment vulnerable to clickjacking, cross-site scripting (XSS), or any other injection attacks.