OFBiz › OFBiz - Notifications

[jira] [Comment Edited] (OFBIZ-6766) Secure HTTP headers

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

1 message

Nicolas Malin (Jira)

[jira] [Comment Edited] (OFBIZ-6766) Secure HTTP headers

[ https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16491951#comment-16491951 ]

Jacques Le Roux edited comment on OFBIZ-6766 at 5/27/18 7:32 AM:
-----------------------------------------------------------------

I'm done with this. I created OFBIZ-10417 for create a real Content Security Policy (CSP). For now we only report. But sincerely I think it will be let as is and we will let users decide on their own CSP... So the report only mode is just a reminder for them...

was (Author: jacques.le.roux):
I'm done with this. I created OFBIZ-10417 for create a real Content Security Policy (CSP). For now we only report. But I think it will be let as is and let users decide on their own CSP.

> Secure HTTP headers
> -------------------
>
> Key: OFBIZ-6766
> URL: https://issues.apache.org/jira/browse/OFBIZ-6766
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: Trunk
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Major
> Fix For: 17.12.01
>
> Attachments: OFBIZ-6766-UtilHttp.java.patch
>
>
> I have created a wiki page for this https://cwiki.apache.org/confluence/display/OFBIZ/How+to+Secure+HTTP+Headers

--
This message was sent by Atlassian JIRA
(v7.6.3#76005)