Patch for "15.04_STABLE" branch: https://reviews.mahara.org/6215
-- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it! https://bugs.launchpad.net/bugs/1531987 Title: Review HTTP headers to improve security Status in Mahara: Fix Committed Status in Mahara 1.10 series: In Progress Status in Mahara 15.04 series: In Progress Status in Mahara 15.10 series: In Progress Bug description: We need to review our HTTP headers to improve security and check which ones we should include per default and which ones might need to be configurable. The review will include but is not limited to: - Strict-Transport-Security - Content-Security-Policy - X-Frame-Options - X-XSS-Protection - X-Content-Type-Options - Server - X-Powered-By - X-Permitted-Cross-Domain-Policies - Caching headers Initial reports for X-XSS-Protection header by SaifAllah benMassaoud and Zeeshan. To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1531987/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : [email protected] Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
