You are here: Configurations and Operations > Administration Tab > Web Interface > Configure Response Headers
TOC & Recently Viewed
Recently Viewed Topics
Configure Response Headers
This section contains options for enabling and disabling advanced security headers. The Content Security Policy (CSP) is a computer security standard used to prevent cross-site scripting (XSS), clickjacking, and other code injection attacks resulting from the execution of malicious content in a trusted web page context.
The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page as a frame, iframe, or object. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded in other sites.