UC_HTTP_RESPONSE_HEADER - Adding Headers

This Variable (VARA) object allows you to add (security) headers to (HTTP and HTTPS) REST and JCP responses. It is supplied with system client 0 and applies to the whole system.

Note: You can add as many headers as you need to; however, you cannot overwrite existing headers supplied with the system.

To add headers, you need to define the respective key-value pairs:

• Key: Type of information provided by the header, such as Content-Security-Policy, Strict-Transport-Security, and so on.

• Value 1: The actual data that should be provided in the header.

• Restart required: No

The OWASP Headers Project documentation and/or the OWASP HTTP Security Response Headers Cheat Sheet available online provide more information on how to properly format security response headers and provide configuration recommendations.

See also:

• List of VARA Objects for System and Client Values
• STATIC VARA Objects
• Variables and VARA Objects