Secure HTTP Headers

To satisfy the requirement of secure HTTP headers, all HTTP requests and responses in Oracle Fusion Cloud Enterprise Performance Management or Oracle Fusion Cloud Enterprise Data Management environments include the following secure HTTP headers:

HTTP Request Headers

• WL-Proxy-Client-IP
• WL-Proxy-SSL
• IS_SSL

HTTP Response Headers

• Strict-Transport-Security
• X-Content-Type-Options
• Secure
• samesite
• Referrer-Policy
• Permissions-Policy
• Content-Security-Policy
• X-Permitted-Cross-Domain-Policies