response-headers

automatically add header to every response

by

I recently got into this issue and found this solution. You can use a filter to add these headers : import java.io.IOException; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.web.filter.OncePerRequestFilter; public class CorsFilter extends OncePerRequestFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { response.addHeader(“Access-Control-Allow-Origin”, “*”); if (request.getHeader(“Access-Control-Request-Method”) … Read more

How do delete a HTTP response header?

by

You can’t delete headers afterwards by the standard Servlet API. Your best bet is to just prevent the header from being set. You can do this by creating a Filter which replaces the ServletResponse with a custom HttpServletResponseWrapper implementation which skips the setHeader()‘s job whenever the header name is Content-Disposition. Basically: @Override public void doFilter(ServletRequest … Read more

Removing/Hiding/Disabling excessive HTTP response headers in Azure/IIS7 without UrlScan

by

The following changes allow you to remove these HTTP response headers in Azure without writing a custom HttpModule. Most of the information on the net is out of date, and involves UrlScan (which has since been integrated into IIS7, but with the RemoveServerHeader=1 option removed). Below is the neatest solution I’ve found (thanks to this … Read more