-
:
> What headers do you check for?
>
> Depending on the circumstances, we can check for a wide range of response headers. It's best to conduct a scan and see the list of headers that are present…
-
Hi everyone,
When we config CSP header like:
```
Content-Security-Policy: a
Content-Security-Policy: b
Content-Security-Policy: c
```
Each header is independent. (It means we must write r…
-
-
For example, https://frame.work/blog/linux-on-the-framework-laptop won't work with Columnate because of scripting limitations imposed by the Content Security Policy headers. https://developers.google.…
-
### Gloo Edge Product
Enterprise
### Gloo Edge Version
v1.16
### Is your feature request related to a problem? Please describe.
Today we create all our graphql schemas using the autogen…
-
Would be great to have some examples around how to add a fastapi middleware to verify sign-in, just like the Clerk documentation for the rails integration.
-
### What is the bug?
Official tests of the package are failing:
- `test_callable_in_request_session`
- `test_basicauth_in_request_session`
### How can one reproduce the bug?
Run `pytest`
…
-
### Proposed Changes
- `add_header X-Content-Type-Options nosniff;` to `server` section
- Recommend `server_tokens off;` in `http` section of `/etc/nginx/nginx.conf`?
### Justification
…
-
-
[Structured Field Values for HTTP](https://httpwg.org/http-extensions/draft-ietf-httpbis-header-structure.html) is an upcoming RFC from the HTTP Wording Group defining a set of well-defined data types…