forked from OWASP-Benchmark/BenchmarkJava
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathweb.xml
More file actions
71 lines (62 loc) · 2.45 KB
/
Copy pathweb.xml
File metadata and controls
71 lines (62 loc) · 2.45 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" version="3.1">
<display-name>OWASP Benchmark</display-name>
<welcome-file-list>
<welcome-file>Index.html</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>benchmark</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>benchmark</servlet-name>
<url-pattern>/service/*</url-pattern>
</servlet-mapping>
<resource-ref>
<description>BenchmarkDBDatasource</description>
<res-ref-name>jdbc/BenchmarkDB</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<filter>
<filter-name>DBRollback</filter-name>
<filter-class>org.owasp.benchmark.helpers.filters.DataBaseFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>DBRollback</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>addMoreSecureResponseHeaders</filter-name>
<filter-class>org.owasp.benchmark.helpers.filters.HTTPResponseHeaderFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>addMoreSecureResponseHeaders</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>httpHeaderSecurity</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>hstsMaxAgeSeconds</param-name>
<param-value>31536000</param-value>
</init-param>
<init-param>
<param-name>hstsIncludeSubDomains</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>httpHeaderSecurity</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<mime-mapping>
<extension>html</extension>
<mime-type>text/html;charset=UTF-8</mime-type>
</mime-mapping>
</web-app>