Starting with Pulse Connect Secure 9.0R3, Custom HTTP Headers
are supported. To configure Custom HTTP Headers, follow the steps below:
- Login to admin web interface
- Navigate to System > Configuration > Security > Advanced
- In the Custom HTTP Headers section, enter the HTTP header name and the directives along with the values
- Click Add
- Click Save Changes.
- Administrators should ensure the correctness of the values that are entered.
- If the administrator configured HTTP header seems to affect the way the page is rendered or is locked out, use the console option to reset the custom HTTP header values.
- Connect with the admin console and choose option 4 (system operation) and then option 94 (Clear custom HTTP headers).
The following table lists OWASP recommended headers that may be enabled if desired: