Actions
Config #7786
openMultiple issues with web configuration
Start date:
09/18/2024
Due date:
% Done:
0%
Estimated time:
To be discussed:
No
Description
- HTTP Strict Transport Security (HSTS) Policy Not Enabled
- Cookies with missing, inconsistent or contradictory properties
> Cookie without SameSite attribute - Content Security Policy (CSP) Not Implemented
- Error page web server version disclosure
- Permissions-Policy header not implemented
Related issues
Updated by Rajmund Hruška 3 months ago
- Related to Bug #7575: Missing or Permissive Content-Security-Policy frame-ancestors HTTP Response Header added
Updated by Rajmund Hruška 3 months ago
- Status changed from New to In Progress
- Assignee set to Rajmund Hruška
Updated by Rajmund Hruška 3 months ago
- Related to Bug #7573: Cookies in default configuration are not marked Secure added
Updated by Rajmund Hruška 3 months ago
On the last meeting I mentioned that rewrite is not working properly. That is not the case. The rules do what they are meant to be doing:
RewriteEngine on # Rewrite the path when accessed without a trailing slash. RewriteRule ^/mentat$ /mentat/ [R] # Rewrite webserver root to mentat application. RewriteRule ^/$ /mentat/ [R]
Actions