How I can set security header for my angular application hosted in app service

Sandesha Priyakumara 0 Reputation points
2023-09-21T12:24:55.49+00:00

I have my angular we app hosted in app service.
with framework .Net and operating system as Windows.

How can I set the security headers like.

Content-Security-Policy

X-Content-Type-Options

X-Frame-Options

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,676 questions
{count} votes

1 answer

Sort by: Most helpful
  1. TP 90,556 Reputation points
    2023-09-22T00:18:42.4366667+00:00

    Hi Sandesha,

    You can add it to your web.config file and place it in the root of your webapp. Sample web.config file below :

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
        <system.webServer>
            <httpProtocol>
                <customHeaders>
                    <add name="X-Frame-Options" value="headerValue" />
                    <add name="X-Content-Type-Options" value="headerValue" />
                    <add name="Content-Security-Policy" value="headerValue" />
                </customHeaders>
            </httpProtocol>
        </system.webServer>
    </configuration>
    

    Another method, if you have a server-side code running, would be to add the headers to the response via code.

    Please click Accept Answer and upvote if the above was useful.

    Thanks.

    -TP

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.