Currently we get feedback from pen-tester and they are returning some vulnerability result as below:
Link Affected: https://<hostname>/<ords>/wwv_flow.ajax/*
i. Missing HTTP "Strict-Transport-Security" Header
ii. Missing "X-XSS-Protection" Header
iii. Missing "X-Content-Type-Options" Header
From the result above,
i. Able to set customize response header via oracle APEX ?
ii. If yes, possible to customize on dynamic action?