Hi Community,
I want to set the "Referrer-Policy: no-referrer" in HTTPS headers for security purpose on my on premise application, I know it should be done on Factory configiration but how to do it, Can any tell me how to perform this action step by step.
Thanks in Advance
Hi @Balaji Ravikumar,
please check the below post and try this forge component:
https://www.outsystems.com/forge/component-overview/25/factory-configuration
https://www.outsystems.com/forums/discussion/60471/how-to-setup-the-web-config-file-to-send-http-security-headers-to-your-app/
Regards,
Manish Jawla
Hi @Manish Jawla
I already cross verified this post, I just want the step by step procedure for my case, Like which XML file should i upload in shared configure to set the "Referrer-Policy: no-referrer" in HTTPS headers.
Can you explain with any screent shots.
Thanks
Hi Balaji,
You can follow the steps explain here and then add the following shared configuration to the form:
<?xml version="1.0" encoding="UTF-8"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:output method="xml" indent="yes" encoding="UTF-8"/> <xsl:template match="@*|node()"> <xsl:copy> <xsl:apply-templates select="@*|node()"/> </xsl:copy> </xsl:template> <xsl:template match="/configuration/system.webServer/httpProtocol/customHeaders"> <xsl:copy> <xsl:apply-templates select="@*|node()"/> <add name="Referrer-Policy" value="no-referrer" /> </xsl:copy> </xsl:template> </xsl:stylesheet>
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:output method="xml" indent="yes" encoding="UTF-8"/>
<xsl:template match="@*|node()">
<xsl:copy>
<xsl:apply-templates select="@*|node()"/>
</xsl:copy>
</xsl:template>
<xsl:template match="/configuration/system.webServer/httpProtocol/customHeaders">
<add name="Referrer-Policy" value="no-referrer" />
</xsl:stylesheet>
Thanks @Nordin Ahdi I will try the mentioned steps and will make this post as solved.
Sure, let us know if it worked for you.