X-Frame-Options header is not included in the HTTP response for static resources

Description

introduced the X-Frame-Options header to protect against 'ClickJacking' attacks. These headers should also be set on responses to requests for static content, such as: http://localhost:9090/js/tooltips/domLib.js

Environment

None

Assignee

Guus der Kinderen

Reporter

Guus der Kinderen

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Priority

Minor
Configure