2.13.2. esapi utilisation¶
<?xml version="1.0" encoding="UTF-8"?>
<policy>
<settings>
<mode>redirect</mode>
<error-handling>
<default-redirect-page>/security/error.jsp</default-redirect-page>
<block-status>403</block-status>
</error-handling>
</settings>
<outbound-rules>
<add-header name="FOO" value="BAR" path="/.*">
<path-exception type="regex">/marketing/.*</path-exception>
</add-header>
</outbound-rules>
</policy>