Secure HTTP Headers in OCI (Gen 2) Environments
To satisfy the requirement of secure HTTP headers, all HTTP requests and responses in an OCI (Gen 2) environment have these secure HTTP headers:
HTTP Request Headers
- WL-Proxy-Client-IP
- WL-Proxy-SSL
- IS_SSL
HTTP Response Headers
- Strict-Transport-Security
- X-Content-Type-Options
- Secure
- samesite
- Referrer-Policy
- Permissions-Policy
- Content-Security-Policy
- X-Permitted-Cross-Domain-Policies