Improved security headers?

Started by shade73, May 15, 2018, 11:51:22 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 15, 2018, 11:51:22 PM Last Edit: May 17, 2018, 12:57:19 PM by shade73
Is it possible to add the following security headers to web GUI?

X-Content-Type-Options
X-XSS-Protection
X-Frame-Options
Content-Security-Policy

or as wishlist for future updates :)
May 17, 2018, 08:23:22 AM #1
Fabian submitted a recently merged PR via: https://github.com/opnsense/core/pull/2212

There's a bit of discussion. It'll be in 18.7 for sure. Right now we are trying to give it a bit of exposure in the beta in order to see if it has issues.

If anything is missing please discuss via GitHub.


Thanks,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
May 17, 2018, 12:57:49 PM #2
Great, thanks   :)
Print
Go Up Pages1
User actions