HTTPS Additional Header Impacts to Polycom Phones in Skype for Business Environment
Can someone confirm if there will be any impact to Polycom Phones deployed in Skype for Business environment, when the below mentioned headers are enabled on the HTTPS/Web services.
Content Security Policyis an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets.
X-XSS-Protectionsets the configuration for the cross-site scripting filter built into most browsers. Recommended value "X-XSS-Protection: 1; mode=block".
X-Content-Type-Optionsstops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff".
Referrer Policyis a new header that allows a site to control how much information the browser includes with