Configuring Content-Security-Policy header for grails 2.5 application
问题 I was going through different solutions available for preventing clickjacking in a grails application. One of the solutions was using X-Frame. So, I found a grails plugin, X-Frame-Options Plugin, by mrhaki . It is serving my purpose of adding a response header X-Frame:DENY to every response. Great! I read there was a modern solution - Content-Security-Policy header. I'm unable to configure this for my Grails application. Could someone help? 回答1: The X-Frame-Options plugin is simple and