Bug #13042: Disallow content type sniffing - Wt - Redmine

Actions

Bug #13042

closed

Disallow content type sniffing

Added by Matthias Van Ceulebroeck 7 months ago. Updated 3 months ago.

Status:

Rejected

Priority:

Normal

Assignee:

-

Target version:

Start date:

09/13/2024

Due date:

% Done:

0%

Estimated time:

Description

Per ASVS's recommendation 14.1.1 every response ought to contain the X-Content-Type-Option; nosniff

Related issues 1 (0 open — 1 closed)

#1

Updated by Romain Mardulyn 7 months ago

Status changed from New to InProgress

#2

Updated by Romain Mardulyn 7 months ago

Status changed from InProgress to Review
Assignee deleted (~~Romain Mardulyn~~)

#3

Updated by Matthias Van Ceulebroeck 5 months ago

Related to Improvements #13187: Allow custom headers to be configured in the config file added

#4

Updated by Matthias Van Ceulebroeck 5 months ago

Assignee set to Matthias Van Ceulebroeck

#5

Updated by Matthias Van Ceulebroeck 3 months ago

Status changed from Review to InProgress
Assignee deleted (~~Matthias Van Ceulebroeck~~)

#6

Updated by Matthias Van Ceulebroeck 3 months ago

Status changed from InProgress to Rejected

Actions

Also available in: Atom PDF