Enabling HTTP Strict-Transport-Security (HSTS) in HTTP-Header in JBoss EAP

Solution Unverified - Updated -

Issue

  • How to avoid a man in the middle vulnerability for HTTPS Cookie Injection Vulnerability
  • How to enable HTTP Strict-Transport-Security (HSTS) in HTTP-Header for security

Environment

  • Red Hat JBoss Enterprise Application Platform
    • 6.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In