Article - CS353469
Missing or insecure Headers in ThingWorx Platform
Modified: 18-Mar-2025
Applies To
- Windchill Navigate (formerly ThingWorx Navigate) 8.5.8 to 9.0
- ThingWorx Platform 8.5 to 9.5
Description
- Missing or insecure X-Content-Type-Options header
- Missing or insecure X-XSS-Protection header
- Missing or Insecure Object-Src policy in Content-Security-Policy header
- Missing or Insecure Script-Src policy in Content-Security-Policy header
This is a printer-friendly version of Article 353469 and may be out of date. For the latest version click CS353469