Component org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService.defaultContrib
In bundle org.nuxeo.ecm.platform.web.common
Contributions
- org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService.defaultContrib--responseHeaders
- org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService.defaultContrib--filterConfig
XML Source
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService.defaultContrib">
<extension target="org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService"
point="filterConfig">
<filterConfig name="nxfile" cached="true" private="true"
transactional="false" synchonize="false">
<!-- transaction is manually handled in DownloadServlet -->
<pattern>${org.nuxeo.ecm.contextPath}/nxfile/.*</pattern>
</filterConfig>
<filterConfig name="BigFileDownloaderRequest" cached="true" private="true"
transactional="false" synchonize="false">
<!-- transaction is manually handled in DownloadServlet -->
<pattern>${org.nuxeo.ecm.contextPath}/nxbigfile/.*</pattern>
</filterConfig>
<filterConfig name="BigZipFileDownloaderRequest" cached="true" private="true"
transactional="true" synchonize="true">
<pattern>${org.nuxeo.ecm.contextPath}/nxbigzipfile/.*</pattern>
</filterConfig>
<filterConfig name="img" cached="true" cacheTime="3600">
<pattern>${org.nuxeo.ecm.contextPath}/img.*</pattern>
</filterConfig>
<filterConfig name="icons" cached="true" cacheTime="3600">
<pattern>${org.nuxeo.ecm.contextPath}/icons.*</pattern>
</filterConfig>
<filterConfig name="js" cached="true" cacheTime="3600">
<pattern>${org.nuxeo.ecm.contextPath}/js.*</pattern>
</filterConfig>
<filterConfig name="scripts" cached="true" cacheTime="3600">
<pattern>${org.nuxeo.ecm.contextPath}/scripts.*</pattern>
</filterConfig>
<filterConfig name="waitdialog" cached="true" cacheTime="3600">
<pattern>${org.nuxeo.ecm.contextPath}/waitdialog.*</pattern>
</filterConfig>
</extension>
<extension target="org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService"
point="responseHeaders">
<header name="X-UA-Compatible">IE=10; IE=11</header>
<header name="Cache-Control">no-cache</header>
<header name="X-Content-Type-Options">nosniff</header>
<header name="X-XSS-Protection">1; mode=block</header>
<header name="X-Frame-Options">${nuxeo.frame.options:=SAMEORIGIN}</header>
<!-- this is a permissive Content-Security-Policy, which should be overridden for more security -->
<header name="Content-Security-Policy">default-src *; script-src 'unsafe-inline' 'unsafe-eval' data: *; style-src 'unsafe-inline' *; font-src data: *</header>
</extension>
</component>