How to set response Header of non HTML files such as js files for ex. jquery.js files

Question

I am able to set HSTS header in each JSP page using below code snippet

<%   response.setHeader("Strict-Transport-Security" ,"max-age=7776000" );%>

but Unable to set HSTS header for one of my js files in my code which was reported by Security scan team.

score 0 · Answer 1 · answered Sep 15 '17 at 08:32

0

Set it at the webserver level and not as part of the JSP. That way it will be set for all resources.

answered Sep 15 '17 at 08:32

Barry Pollard

1 Answers1