kotlin:
@Component
@WebFilter("/*")
class AddResponseHeaderFilter : Filter {
override fun doFilter(request: ServletRequest, response: ServletResponse, chain: FilterChain) {
val httpServletResponse = response as HttpServletResponse
httpServletResponse.setHeader("X-XSS-Protection", "1; mode=block")
httpServletResponse.setHeader("X-Content-Type-Options", "nosniff")
httpServletResponse.setHeader("X-Frame-Options", "DENY")
httpServletResponse.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains")
chain.doFilter(request, response)
}
override fun init(filterConfig: FilterConfig) {}
override fun destroy() {}
}