Config your IIS server to use the “Content-Security-Policy” header

Question

I need to add custom headers in IIS for \"Content-Security-Policy\", \"X-Content-Type-Options\" and \"X-XSS-Protection\".

I get the procedure to add these headers b

Answer 1

On Server 2012 R2:

1. Open IIS Manager.
2. Click on IIS Server Home.
3. DoubleClick on HTTP Response Headers.
4. Click Add under Actions on the right.
5. Add the Name and Values.