Skip to main content
Announcements
Qlik Introduces a New Era of Visualization! READ ALL ABOUT IT

Qlik Sense Enterprise on Windows: Cross Site Scripting (XSS) protection HTTP header not set

No ratings
cancel
Showing results for 
Search instead for 
Did you mean: 
Sonja_Bauernfeind
Digital Support
Digital Support

Qlik Sense Enterprise on Windows: Cross Site Scripting (XSS) protection HTTP header not set

Last Update:

Aug 7, 2023 6:36:24 AM

Updated By:

Sonja_Bauernfeind

Created date:

Aug 7, 2023 6:36:24 AM

Content-Security-Policy (current) or X-XSS-Protection (outdated) headers are not set by default after installing Qlik Sense Enterprise on Windows. 

While potentially great for improving site security, Qlik has no authority over the environment Qlik Sense is deployed in. If the specific custom header or other headers are deemed necessary, they can be added to the virtual proxy from the Qlik Sense Enterprise Management panel. See Qlik Sense for Administrators: Virtual Proxies.

Related Content

Qlik Sense Enterprise on Windows: Securing and Hardening Server 

Labels (1)
Contributors
Version history
Last update:
‎2023-08-07 06:36 AM
Updated by: