Project

General

Profile

Actions

Config #7786

open

Multiple issues with web configuration

Added by Rajmund Hruška 3 months ago. Updated 2 months ago.

Status:
In Progress
Priority:
Normal
Category:
-
Target version:
Start date:
09/18/2024
Due date:
% Done:

0%

Estimated time:
To be discussed:
No

Description

  • HTTP Strict Transport Security (HSTS) Policy Not Enabled
  • Cookies with missing, inconsistent or contradictory properties
    > Cookie without SameSite attribute
  • Content Security Policy (CSP) Not Implemented
  • Error page web server version disclosure
  • Permissions-Policy header not implemented

Related issues

Related to Mentat - Bug #7575: Missing or Permissive Content-Security-Policy frame-ancestors HTTP Response HeaderClosedRajmund Hruška03/23/2022

Actions
Related to Mentat - Bug #7573: Cookies in default configuration are not marked SecureClosedRajmund Hruška03/22/2022

Actions
Actions

Also available in: Atom PDF