OFBiz OFBiz - Notifications

[jira] [Commented] (OFBIZ-6766) Secure HTTP headers

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] [Commented] (OFBIZ-6766) Secure HTTP headers

Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16210822#comment-16210822 ]

Jacques Le Roux commented on OFBIZ-6766:
----------------------------------------

At r1812609 I added
*   the no-referrer-when-downgrade Referrer-Policy
*   a comment about Public-Key-Pins-Report-Only
*   a link to the related wiki page

This is my prior to last commit, before implementing a CSP policy which is quite the stuff! Check by yourself at https://csp.withgoogle.com/docs/adopting-csp.html

> Secure HTTP headers
> -------------------
>
>                 Key: OFBIZ-6766
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-6766
>             Project: OFBiz
>          Issue Type: Sub-task
>          Components: framework
>    Affects Versions: Trunk
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>             Fix For: Upcoming Release
>
>
> I have created a wiki page for this https://cwiki.apache.org/confluence/display/OFBIZ/How+to+Secure+HTTP+Headers



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
Free forum by Nabble Edit this page