<div>
Also in some codebase i saw that they created a filter for adding content security policy header.<br />
Whats the correct approach as per designing ?<br />
Should i just add it like above in each request mapping.. or create a filter and so controller does not know about adding of this header ?
</div>


<div>
<div class="content wysiwyg-content">
Hi,<br />
In my controller i have the following line in each requestMapping method : <br />

<pre><code class="code-1 nolinks" id="code-10-28923342-1"><span>        response.setHeader(contentSecurityolicy.getHttpHeader(), contentSecurityPolicy.toString());</span>
</code></pre>
<br />
There are 4 such methods... Is there any way i can avoid this so as to specify this header only once in controller and <br />
it gets added to all the responses ?<br />
<br />
<br />
Thanks
</div>
</div>


Hi,
In my controller i have the following line in each requestMapping method : 
(CODE)

There are 4 such methods... Is there any way i can avoid this so as to specify this header only once in controller and 
it gets added to all the responses ?


Thanks

how to set common header for all RequestMappings in a controller

Java is a platform-independent, object-oriented programming language and run-time environment, designed to have as few implementation dependencies as possible such that developers can write one set of code across all platforms using libraries. Most devices will not run Java natively, and require a run-time component to be installed in order to execute a Java program.

Java

Java Enterprise Edition (Java EE) is a specification defining a collection of Java-based server and client technologies and how they interoperate. Java EE specifies server and client architectures and uses profiles to define technology sets targeted at specific classes of applications. All Java EE profiles share a set of common features, such as naming and resource injection, packaging rules and security requirements.