+ <filter>\r
+ <filter-name>httpHeaderSecurity</filter-name>\r
+ <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>\r
+ <async-supported>true</async-supported>\r
+ <init-param>\r
+ <param-name>antiClickJackingEnabled</param-name>\r
+ <param-value>true</param-value>\r
+ </init-param>\r
+ <init-param>\r
+ <param-name>antiClickJackingOption</param-name>\r
+ <param-value>DENY</param-value>\r
+ </init-param>\r
+ </filter>\r
+ <filter-mapping>\r
+ <filter-name>httpHeaderSecurity</filter-name>\r
+ <url-pattern>/*</url-pattern>\r
+ </filter-mapping>\r