Documentation Center

Configuring HTTP headers

Configure additional HTTP headers.

Procedure

  1. Log in to Language Weaver Edge using a valid account.
  2. Go to Manage > Settings > HTTP settings.
  3. In the upper-right corner, select Edit.
  4. In the edit area, enter one header per line.
  5. Select Save once you have finished.

Example

For example, you can enable HSTS by adding the following in the HTTP settings headers:

Strict-Transport-Security: max-age=31536000

You can also use the recommended set of HTTP headers shown below to ensure a secure configuration of your Language Weaver Edge portal:

access-control-allow-origin:*
Strict-Transport-Security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
X-Content-Type-Options: nosniff
Content-Security-Policy:default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data:; frame-src 'self'; object-src 'none'; media-src 'none';
Cross-Origin-Embedder-Policy: require-corp; report-to="default"
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="default"
Cross-Origin-Resource-Policy: same-origin
X-Permitted-Cross-Domain-Policies: none
Clear-Site-Data: "cache", "executionContexts"