X-Frame-Options header is not included in the HTTP response for static resources
Description
introduced the X-Frame-Options header to protect against 'ClickJacking' attacks. These headers should also be set on responses to requests for static content, such as: http://localhost:9090/js/tooltips/domLib.js
Environment
None
Assignee
Guus der Kinderen
Reporter
Guus der Kinderen
Labels
None
Expected Effort
None
Ignite Forum URL
None
Components
Priority
Configure