diff --git a/src/main/java/cokr/xit/base/ResponseHeaderFilter.java b/src/main/java/cokr/xit/base/ResponseHeaderFilter.java
new file mode 100644
index 00000000..b2af1548
--- /dev/null
+++ b/src/main/java/cokr/xit/base/ResponseHeaderFilter.java
@@ -0,0 +1,50 @@
+package cokr.xit.base;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpServletResponseWrapper;
+
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
+
+@Component
+@Order(-10001)
+public class ResponseHeaderFilter implements Filter {
+
+ public ResponseHeaderFilter() {}
+
+ @Override
+ public void destroy() {}
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response,
+ FilterChain chain) throws IOException, ServletException {
+
+ chain.doFilter(request, new HttpServletResponseWrapper((HttpServletResponse) response) {
+
+ @Override
+ public void setHeader(String name, String value) {
+
+ if(name.equalsIgnoreCase("X-Xss-Protection")) {
+ if(super.containsHeader("Content-Type")) {
+ if(super.getContentType() != null) {
+ if(super.getContentType().startsWith("application/json")) {
+ return;
+ }
+ }
+ }
+ }
+
+ super.setHeader(name, value);
+ return;
+ }
+ });
+
+ }
+}
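Review bot: The check in the wrapper's `setHeader` only suppresses `X-Xss-Protection` when `Content-Type` is already set at the moment the header is written, and only when the writer uses `setHeader`; a header written before the handler sets the content type, or through `addHeader`, still reaches JSON responses. The component that writes the header is not visible in this file, so its timing relative to `@Order(-10001)` needs confirming; covering `addHeader` with the same test closes the second gap. The four nested `if`s can be one condition, the `containsHeader("Content-Type")` test looks redundant next to `getContentType() != null`, and comparing as `"X-Xss-Protection".equalsIgnoreCase(name)` avoids a NullPointerException on a null name. A class Javadoc stating why the header is dropped for JSON and why this order value was chosen would also help.

```java
chain.doFilter(request, new HttpServletResponseWrapper((HttpServletResponse) response) {

    // True when the header is X-XSS-Protection and the response is already typed as JSON.
    private boolean suppressed(String name) {
        String type = getContentType();
        return "X-Xss-Protection".equalsIgnoreCase(name)
                && type != null
                && type.startsWith("application/json");
    }

    @Override
    public void setHeader(String name, String value) {
        if (!suppressed(name)) {
            super.setHeader(name, value);
        }
    }

    @Override
    public void addHeader(String name, String value) {
        if (!suppressed(name)) {
            super.addHeader(name, value);
        }
    }
});
```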