Adding Custom HTTP Headers to a Self-Hosted Installation
- 12 Nov 2021
- 1 Minute to read
- Print
- DarkLight
This documentation version is deprecated, please click here for the latest version.
Adding Custom HTTP Headers to a Self-Hosted Installation
- Updated on 12 Nov 2021
- 1 Minute to read
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
Overview
As a method of passing additional information through a server, Administrators may wish to add custom HTTP Headers to their environment. In doing so, users may add additional security parameters to their environments.
Use Case
Passing additional security requirements via HTTP Headers into a Decisions environment can help prevent issues such as click-jacking or accidental script runs.
The following document demonstrates how to add Custom HTTP Headers to Self-Hosted Decisions environments.
Additional Resources
For a list of common HTTP Headers and their functions, see HTTP headers - HTTP | MDN.
Example
To add custom HTTP Headers to a Self-Hosted installation:
- From the Local File System, navigate to C:\Program Files\Decisions\Decisions Services Manager.
- Open Settings.xml with the desired Text Editor.
- Before the closing </Settings>tag, add the following code snippet:
<CustomHeaders> <CustomHeader> <Name>X-Frame-Options</Name> <Value>SAMEORIGIN</Value> </CustomHeader> <CustomHeader> <Name>X-XSS-Protection</Name> <Value>VALUE</Value> </CustomHeader> <CustomHeader> <Name>X-Content-Type-Options</Name> <Value>VALUE</Value> </CustomHeader> </CustomHeaders>
- Save and close the Settings file.
- Restart the Decisions environment, by restarting Server Host Manager.
Was this article helpful?
