Fix DAST Issue : Content Security Policy (CSP) Header Not Set

[Facetorushikesh]

Scan Date: Wed, 1 May 2024 01:44:12 URLs Impacted:

• https://tuesday-roja-vm-9591.fyre.ibm.com:12443/robots.txt
• https://tuesday-roja-vm-9591.fyre.ibm.com:12443/sitemap.xml

DAST Scan Results

CWE ID	Severity	Description	Location	Evidence	Solution
693	Medium	The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.	Method: GET Parameter:		Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.