Hello, @everyone. I am facing error Missing OWASP Secure Headers: ["X-Content-Type-Options","Content-Security-Policy","Referrer-Policy"] for URL in mac zoom client.
The app was built in React.js and it works properly in windows zoom desktop client.
What should I do to get the page loading exactly in mac zoom client?
Kindly help me please
Thank you
It looks like you’re using react-helmet to set meta tags in the client side. Instead, these values should be set as headers that should be sent by the server when the page is requested. In other words, by the time the client receives this page with the meta tags set, it is too late to change the headers.
react-helmet is designed to set data in the HEAD tag of a react app. To set the headers you should use a method on the server side. If you are using Express to serve this application, you can use a similarly named package called ‘helmet’ to set HTTP headers:
I used zoomapps-sample-js as a backend. I am just calling endpoint from the back-end. So I don’t have any express server for now. To resolve this problem, should I build the express server and run the front-end on it?
The Basic Sample App includes an express server that will set these headers so you can run that to get started. Regardless of the backend that you use, you want these headers to be set.
I just build the express backend and set the Secure header
But I’m still getting this error - Missing OWASP Secure Headers: ["Strict-Transport-Security","X-Content-Type-Options","Content-Security-Policy","Referrer-Policy"] for URL
Hi @MaxM i’m facing the same issue , i added the headers from the front end and also from the backend .net still i’m getting this error
my app is working fine in the windows and linux , but showing the [Error] Missing OWASP Secure Headers: [“X-Content-Type-Options”,“Content-Security-Policy”,“Referrer-Policy”] for URL in macos
For those of you encountering issues, first check the network tab of the developer console when testing your web page and ensure that you can see the headers are being sent.
If there is an instance where you are sending all headers and still seeing this issue please send a screenshot of what you are seeing in the headers section of the network tab.