Moxie.http Headers

The optional Moxie.http file is read on server start and controls the default HTTP headers set for all requests.

This file should be formatted in the same format as HTTP headers themselves. These header values are set as the default for each request prior to running any procedures. The values set in this file may be dynamically overwritten or added to by using the HttpHeader command on an as needed basis.

The default headers set prior to loading of this file are:

X-Frame-Options: DENY
X-Content-Type-Options: nosniff

The Content-Security-Policy is set dynamically based on the SecurityPolicy Moxie.cfg Config value after setting the above, but before running any procedures.