Find Answers
Qlik Community
Collaborate with over 60,000 Qlik technologists and members around the world to get answers to your questions, and maximize success.
Join Us
Knowledge
Vulnerability XSS protection HTTP header not set
Article Number: 000049975 | Last Modified: 2019/03/20Description
The X-Xss-Protection response header is not set by default.
Environment:
Environment:
any Qlik Sense version
Resolution
The X-Xss-Protection header is not a standard / default response header and browser specific.
While potentially great for improving the security posture, Qlik has no authority over the environment that Qlik Sense is deployed in. If the specific custom header or other headers are deemed necessary, they can be added to the virtual proxy, as found in the QMC panel.
See How to add additional response headers in Qlik Sense on how to add additional and custom response headers to the Qlik Sense virtual proxy.
While potentially great for improving the security posture, Qlik has no authority over the environment that Qlik Sense is deployed in. If the specific custom header or other headers are deemed necessary, they can be added to the virtual proxy, as found in the QMC panel.
See How to add additional response headers in Qlik Sense on how to add additional and custom response headers to the Qlik Sense virtual proxy.
Get Answers
Find Answers
Get Support
Have a Question?
Search Qlik's Support Knowledge database or request assisted support for highly complex issues.
Submit a case
Talk with a Representative
Critical Issues
Experiencing a serious issue, please contact us by phone. For Data Integration related issues please refer to your onboarding documentation for current phone number.
Call Us