question

JayVah-0278 avatar image
0 Votes"
JayVah-0278 asked ·

Setting up security response headers for Azue CDN content

We are delivering Angular application over Azure CDN(no web server), also there would be lots of images/videos(stored on Blob storage) that our site would be serving. How can I add security headers like X Frame options, X SSS protection, no sniff while serving content from CDN?

Its important for us to serve website with at least these headers ✓ strict-transport-security ✓ x-content-type-options ✓ x-frame-options ✓ x-xss-protection

azure-cdn
· 2
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I would also like to know the recommended way. The best I can find is "Rules engine" and adding a rule to include headers in all responses. Another solution was to create a proxy function that did a similar thing.

I have not even be able to set these headers under the Properties of the blob because there is not a key for it and it will not save under metadata either. There is a key for content-type.

9645-2020-06-10-11-39-50-cute-dragon.png

9684-2020-06-10-11-47-16-rules-engine.png


0 Votes 0 · ·

I tried to add rule in Standard CDN, but its not adding any response header when I am hitting site
9823-responseheaderrule.png


0 Votes 0 · ·

0 Answers