Hi, I’m using Payara Community Edition [version 2.2022.2] (https://repo1.maven.org/maven2/fish/payara/distributions/payara/5.2022.2/payara-5.2022.2.zip) for one of the application and using Micro version for another 2 child applications https://repo1.maven.org/maven2/fish/payara/extras/payara-micro/5.2022.2/payara-micro-5.2022.2.jar
I would like to enable these 3 security items
1) HTTP Strict-Transport-Security
2) Content-Security-Policy
3) X-Content-Type-Options
For HSTS, I know we can set something like this
./asadmin set configs.config.server-config.network-config.protocols.protocol.${protocol-name}.ssl.hsts-enabled=true
Question 1: But this doesn’t work on payara-micro, how do we do the same in micro version?
Question 2: How to set Content-Security-Policy and X-Content-Type-Options in Payara full version and micro-version?
Any help on this is much appreciated.