Hi everyone, I have a keycloak 22.0.1 server, they require me to implement the following security headers: X-Content-Type-Options , Content-Security-Policy and Strict-Transport-Security following the owasp directives.
I haven’t found much about it, since http is exposed by quarkus I imagine it needs to be worked on. Do you know how to act in this case? Maybe the latest versions of keycloak already provide this type of checks?
thanks!