To configure HTTP protection measures you must create or edit the locked.properties file in the gateway configuration folder on the Connection Server instance.

For example: install_directory\VMware\VMware View\Server\sslgateway\conf\locked.properties

  • Use the following syntax to configure a property in locked.properties: 
    myProperty = newValue
  • The property name is always case-sensitive and the value might be case-sensitive. Whitespace around the = sign is optional.
  • For CORS and CSP properties, it is possible to set service-specific values and a primary value. For example, the admin service is responsible for handling Horizon console requests, and a property can be set for this service without affecting other services by appending -admin after the property name. 
    myProperty-admin = newValueForAdmin
  • If both a primary value and a service-specific value are specified, then the service-specific value applies to the named service, and the primary value applies to all other services. The sole exception is the special value "OFF". If the primary value for a property is set to "OFF", then all service-specific values for this property are ignored.

    For example: 

    myProperty = OFF
myProperty-admin = newValueForAdmin	; ignored
  • Some properties can accept a list of values.

    To set a single value, enter the following property: 

    myProperty = newValue
myProperty-admin = newValueForAdmin

    To set multiple values for a property that accepts list values, you can specify each value on a separate line: 

    myProperty.1 = newValue1
myProperty.2 = newValue2
myProperty-admin.1 = newValueForAdmin1
myProperty-admin.2 = newValueForAdmin2
  • To determine the correct service name to use when making a service-specific configuration, look in the debug logs for lines containing the following sequence: 
    (ajp:admin:Request21) Request from abc.def.com/10.20.30.40: GET /admin/
    In this example, the service name is admin. You can use the following typical service names:
    • newadmin for Horizon console
    • broker for Connection Server
    • docroot for Local file serving
    • portal for HTML Access
    • saml for SAML communication (vIDM)
    • tunnel for Secure Tunnel
    • view-vlsi for View API
    • misc for Other
    • rest for REST API