Question

我使用的是Jboss 5.1，默认值为X-XSS-Protection = 1; mode = block 我想在web.xml中更改此参数的值：

<filter>
        <filter-name>CommonHeadersFilter</filter-name>
        <filter-class>
         org.jboss.web.tomcat.filters.ReplyHeaderFilter</filter-class>
        <init-param>
            <param-name>X-Powered-By</param-name>
            <param-value>Servlet 2.5; JBoss-5.0/JBossWeb-2.1</param-value>
        </init-param>
        <init-param>
            <param-name>X-XSS-Protection</param-name>
            <param-value>0</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CommonHeadersFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

但是在重新启动jboss服务器之后，X-XSS-Protection标头的值为1; mode = block。有人可以帮我设置更改此参数的默认值吗？

在jboss 5.1中更改X-XSS-Protection的值

0 个答案: