Jens Beyer Posted November 28 Posted November 28 I recently ran a check at https://securityheaders.com/ against a Access Gateway. Following information pops up in the result page I tried to add these header with a rewrite policy but the page seems to ignore it. I can see it in CHrome developer tools ?!?! So I assume Citrix must rename it in the firmware right? I am running 14.1-34.42 on my testing VPX here.
Julian Jakob Posted Saturday at 12:13 PM Posted Saturday at 12:13 PM Hi Jens, here's one of my NSGW's running on 14.1 34.42 Here's the cli for Permissions Policy (replace gateway.customer.com with your NSGW FQDN) (and delete of Feature-Policy): add rewrite action rw_act_delete_FeaturePolicy delete_http_header Feature-Policy add rewrite action rw_act_insert_Permissions_Policy insert_http_header Permissions-Policy "\"vibrate=(self), sync-xhr=(self \'https://gateway.customer.com\')\"" add rewrite policy rw_pol_remove_FeaturePolicy "HTTP.RES.HEADER(\"Feature-Policy\").EXISTS" rw_act_delete_FeaturePolicy add rewrite policy rw_pol_insert_Permissions_Policy "HTTP.RES.HEADER(\"Permissions-Policy\").EXISTS.NOT" rw_act_insert_Permissions_Policy See some details here https://www.julianjakob.com/citrix-adc-latest-insights-about-security-headers/ Hope this helps Regards Julian
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now