edgexfoundry / edgex-ui-go

Owner: Core/Support WG
Apache License 2.0

[Security] Provide a professional web backend server with basic security settings #509

Open badboy-huaqiao opened 2 years ago

badboy-huaqiao commented 2 years ago

Have you tried https://chrome.google.com/webstore/detail/csp-content-security-poli/fmkkdpolbaacmofciknnofgkknjpbhpm to help in generating the CSP?

Originally posted by @bnevis-i in https://github.com/edgexfoundry/edgex-ui-go/pull/507#pullrequestreview-928089985

badboy-huaqiao commented 2 years ago

@bnevis-i I moved this here. Do you have any better advice, or do you know of a third-party library, so I can do some research? Thanks for your efforts; your advice really helped me a lot.

bnevis-i commented 2 years ago

When researching this, I was looking for a package similar to NPM Helmet: https://www.npmjs.com/package/helmet

Someone once tried to port it to golang but it never took off. I have found something similar for golang that is better supported: https://github.com/unrolled/secure

Interestingly, the README shows how this software works for various microserver frameworks. It might be worth a look to see if any of those mentioned frameworks offers any additional value over what you are doing now or has any special Angular integrations.

badboy-huaqiao commented 2 years ago

@bnevis-i thanks for your efforts. I will do deeper research on what you provided above and keep this issue open until it has some sort of result.
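
An added example, not part of the thread and not code from edgex-ui-go, Helmet, or unrolled/secure: a standard-library-only Go middleware that sets the kind of Helmet-style response headers (including a CSP) discussed above. The policy string and the names `SecurityHeaders` and `Probe` are assumptions for illustration; the CSP is a constructed starting point, not the project's policy.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Constructed starting policy for a single-page UI served from its own origin
// (assumption, not the project's policy); adjust it to the real application.
const defaultCSP = "default-src 'self'; script-src 'self'; " +
	"style-src 'self' 'unsafe-inline'; img-src 'self' data:; " +
	"object-src 'none'; base-uri 'self'; frame-ancestors 'none'"

// SecurityHeaders wraps next and sets a baseline of security response headers.
// HSTS is only sent on TLS requests, since browsers ignore it over plain HTTP.
func SecurityHeaders(next http.Handler, csp string) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		h := w.Header()
		h.Set("Content-Security-Policy", csp)
		h.Set("X-Content-Type-Options", "nosniff")
		h.Set("X-Frame-Options", "DENY")
		h.Set("Referrer-Policy", "no-referrer")
		if r.TLS != nil {
			h.Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains")
		}
		next.ServeHTTP(w, r)
	})
}

// Probe sends one GET through h in-process and returns the response headers.
// A target starting with "https://" makes httptest mark the request as TLS.
func Probe(h http.Handler, target string) http.Header {
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(http.MethodGet, target, nil))
	return rec.Result().Header
}

func main() {
	// Stand-in for the UI's static file handler (constructed sample).
	app := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprint(w, "<html><body>ui</body></html>")
	})
	hdr := Probe(SecurityHeaders(app, defaultCSP), "https://ui.example.test/")
	for k, v := range hdr {
		fmt.Printf("%s: %s\n", k, v[0])
	}
}
```

Wrapping the router once at the top level applies the headers to every route, and a check like `Probe` can run in CI so a dropped header fails the build.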