Other Protection Measures

Docs

Docs
(current)
VMware Communities

Twitter Facebook LinkedIn 微博

Besides the Internet Engineering Task Force and W3 standards, Horizon 7 employs other measures to protect communication that uses the HTTP protocol.

Reducing MIME Type Security Risks
By default, Horizon 7 sends the header x-content-type-options: nosniff in its HTTP responses to help prevent attacks based on MIME-type confusion.
Mitigating Cross-Site Scripting Attacks
By default, Horizon 7 employs the XSS (cross-site scripting) Filter feature to mitigate cross-site scripting attacks by sending the header x-xss-protection=1; mode=block in its HTTP responses.
Content Type Checking
By default, Horizon 7 accepts requests with the following declared content types only:
Client Behavior Monitoring
Connection Servers have finite resources available to handle requests from clients, and misbehaving clients can tie up those resources, preventing others from being serviced. Client behavior monitoring is a class of detections and mitigation that protect against bad behavior.
User Agent Whitelisting
Set a whitelist to restrict user agents that can interact with Horizon 7. By default, all user agents are accepted.

Parent topic: HTTP Protection Measures on Connection Servers and Security Servers

Share on Social Media?

:

|

x

" "?