[
https://issues.apache.org/jira/browse/JSPWIKI-1237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alex O'Ree resolved JSPWIKI-1237.
---------------------------------
Fix Version/s: 3.0.0
Resolution: Fixed
> Add the OWASP recommended http response headers
> -----------------------------------------------
>
> Key: JSPWIKI-1237
> URL: https://issues.apache.org/jira/browse/JSPWIKI-1237
> Project: JSPWiki
> Issue Type: New Feature
> Reporter: Alex O'Ree
> Assignee: Alex O'Ree
> Priority: Major
> Labels: pull-request-available
> Fix For: 3.0.0
>
>
> {{ Strict-Transport-Security: max-age=63072000; includeSubDomains;
> preload}}
> {{ X-Frame-Options: DENY}}
> {{ X-Content-Type-Options: nosniff}}
> {{ Content-Security-Policy: default-src 'self'; script-src 'self'
> 'unsafe-inline'; style-src 'self'; img-src 'self';}}
> {{ Referrer-Policy: no-referrer-when-downgrade}}
> {{ X-Permitted-Cross-Domain-Policies: none}}
> {{ Clear-Site-Data: "cookies", "storage"}}
> {{ Cross-Origin-Embedder-Policy: require-corp}}
> {{ Cross-Origin-Resource-Policy: same-origin}}{{}}{{I'll make them all
> optional add ons. never know what might break things}}{{}}{{}}{{}}{{}}{{}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
