Security

Other Protection Measures
Besides the Internet Engineering Task Force and W3 standards, Horizon 7 employs other measures to
protect communication that uses the HTTP protocol.
Reducing MIME Type Security Risks
By default, Horizon 7 sends the header x-content-type-options: nosniff in its HTTP responses to
help prevent attacks based on MIME-type confusion.
You can disable this feature by adding the following entry to the file locked.properties:
x-content-type-options=OFF
Mitigating Cross-Site Scripting Attacks
By default, Horizon 7 employs the XSS (cross-site scripting) Filter feature to mitigate cross-site scripting
attacks by sending the header x-xss-protection: 1; mode=block in its HTTP responses.
You can disable this feature by adding the following entry to the file locked.properties:
x-xss-protection=OFF
Content Type Checking
By default, Horizon 7 accepts requests with the following declared content types only:
- application/x-www-form-urlencoded
- application/xml
- text/xml
Note: In earlier releases, this protection was disabled by default.
To restrict the content types that View accepts, add the following entry to the file locked.properties:
acceptContentType.1=content-type
For example:
acceptContentType.1=x-www-form-urlencoded
To accept another content type, add the entry acceptContentType.2=content-type, and so on.
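The check below is an added example, not part of the VMware documentation: it reads the text of a locked.properties file and reports which of the header protections described above have been set to OFF and which content types the file declares as accepted. It assumes plain key=value lines and that any acceptContentType.N entries replace the default list; the function names and sample contents are constructed for illustration.

```python
import re

# Defaults stated on the page: content types accepted when no
# acceptContentType.N entry is present.
DEFAULT_ACCEPTED = ["application/x-www-form-urlencoded", "application/xml", "text/xml"]
# Header protections the page says are on by default and can be set to OFF.
HEADER_SWITCHES = ("x-content-type-options", "x-xss-protection")


def parse_properties(text):
    """Parse simple key=value lines; skips blank lines and #/! comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def audit(text):
    """Return (disabled_headers, accepted_content_types) for a locked.properties body."""
    props = parse_properties(text)
    # Assumption: OFF is compared case-insensitively so variants are still flagged.
    disabled = [h for h in HEADER_SWITCHES if props.get(h, "").upper() == "OFF"]
    numbered = {}
    for key, value in props.items():
        m = re.fullmatch(r"acceptContentType\.(\d+)", key)
        if m:
            numbered[int(m.group(1))] = value
    # Assumption: when entries exist they replace the default list.
    accepted = [numbered[i] for i in sorted(numbered)] or list(DEFAULT_ACCEPTED)
    return disabled, accepted


# Constructed sample file contents, not taken from a real deployment.
SAMPLE = """\
# constructed example
x-content-type-options=OFF
acceptContentType.1=x-www-form-urlencoded
acceptContentType.2=text/xml
"""

if __name__ == "__main__":
    disabled, accepted = audit(SAMPLE)
    for header in disabled:
        print(f"WARNING: {header} protection is disabled")
    print("Accepted content types:", ", ".join(accepted))
```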
View Security
VMware, Inc.