Adding Custom HTTP Headers to a Decisions Installation
- 24 Jul 2024
- 1 Minute to read
- Print
- DarkLight
Adding Custom HTTP Headers to a Decisions Installation
- Updated on 24 Jul 2024
- 1 Minute to read
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
Overview
As a method of passing additional information through a server, Administrators may wish to add custom HTTP Headers to their environment. In doing so, users may add additional security parameters and authentication measures to their environments.
Use Case
Passing additional security requirements via HTTP Headers into a Decisions environment can help prevent issues such as click-jacking or accidental script runs.
As the method of adding HTTP Headers to a v7 Installation is the same, regardless of Installation type (ie. Self-Hosted or IIS), the following document demonstrates how to add custom HTTP Headers to a Decisions Installation.
Additional Resources
For a list of common HTTP Headers and their functions, see HTTP headers - HTTP | MDN.
Example
To add custom HTTP Headers to a Self-Hosted or IIS Installation:
- From the Local File System, navigate to C:\Program Files\Decisions\Decisions Server.
- Open Settings.xml with the desired Text Editor.
- Before the closing </Settings>tag, add the following code snippet:
<CustomHeaders><CustomHeader> <Name>X-Frame-Options</Name> <Value>SAMEORIGIN</Value> </CustomHeader> <CustomHeader> <Name>X-XSS-Protection</Name> <Value>VALUE</Value> </CustomHeader> <CustomHeader> <Name>X-Content-Type-Options</Name> <Value>VALUE</Value> </CustomHeader> </CustomHeaders>
- Save and close the Settings file.
- Restart the Decisions environment.
Was this article helpful?
