I want to understand how to add custom security output headers to apache karaf cxf listing page http://localhost:8181/cxf . As of now I can see the the output headers coming is content-type and content-length. I want to add the security headers also in output header after the http://localhost:8181/cxf request. I use apache-karaf 4.3.6 and java version "1.8.0_202" . I want to add the following headers to the output headers.
Strict-Transport-Security X-Frame-Options X-XSS-Protection X-Content-Type-Options Content-Security-Policy
What is the best way to achieve this.
I tried adding properties to org.ops4j.pax.web.cfg file, but it didnt work out.