
Digital Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Qlik Sense Enterprise on Windows: Cross Site Scripting (XSS) protection HTTP header not set
Last Update:
Aug 7, 2023 6:36:24 AM
Updated By:
Created date:
Aug 7, 2023 6:36:24 AM
Content-Security-Policy (current) or X-XSS-Protection (outdated) headers are not set by default after installing Qlik Sense Enterprise on Windows.
While potentially great for improving site security, Qlik has no authority over the environment Qlik Sense is deployed in. If the specific custom header or other headers are deemed necessary, they can be added to the virtual proxy from the Qlik Sense Enterprise Management panel. See Qlik Sense for Administrators: Virtual Proxies.
Related Content
Qlik Sense Enterprise on Windows: Securing and Hardening Server
1,041 Views