HeadersPolicies Enumeration
the header policies that are supported by the firewall
Namespace:
Walter.Web.FireWall.HeadersAssembly: Walter.Web.FireWall (in Walter.Web.FireWall.dll)
Members
| Member name | Description | |
|---|---|---|
| None | No policy has been applied, headers are not protected by the browser or firewall | |
| DoNotTrack | Indicates that 3rd party "do not track signal" is configured. | |
| FrameOptionsDeny | Indicates that the pages cannot be displayed in a frame, regardless of the site attempting to do so | |
| FrameOptionsSameOrigin | indicates that only frames are allowed that are of this domain | |
| XssProtectionEnabled | Indicates that the pages have XSS protection | |
| XssProtectionDisabled | Indicates that the pages do not have XSS protection | |
| XssProtectionWithBlockEnabled | Indicates that the pages have XSS protection and tells the browser to block | |
| XssProtectionWithReportEnabled | Indicates that the pages have XSS protection and tells the browser to report | |
| StrictTransportSecurityMaxAge | Indicates that the browser is to honor Strict-Transport-Security max-age to all requests in this domain but not sub domains and tells the browser to cache the domain in the STS list for the number of seconds provided. | |
| StrictTransportSecurityMaxAgeIncludeSubDomains | Indicates that the browser is to honor Strict-Transport-Security max-age to all requests in the domain and sub domains and tells the browser to cache the domain in the STS list for the number of seconds provided. | |
| StrictTransportSecurityNoCache | Add Strict-Transport-Security max-age=0 to all requests and ells the browser to remove, or not cache the host in the STS cache | |
| ContentTypeOptionsNoSniff | indicates that the browser will have X-Content-Type-Options nosniff to all headers. | |
| ContentSecurityPolicyTrustOnlySelf | Indicates that the browser will have a CSP will only trust own domain | |
| ContentSecurityPolicyTrustExternalSources | Indicates that the browser will have a CSP will only trust own domain as well as specified external CDN's |