-
We should add a Content-Security-Policy header for cAdvisor UI to mitigate any risks of XSS. I don't think cAdvisor needs to load any external resources, so this might be as simple as:
```
Content-S…
```
-
**How to categorize this issue?**
/area control-plane
/kind bug
**What happened**:
If the stateful set is in errored state because of some wrong data in the etcd bootstrap configMap then fixin…
-
This is a component issue for `2.15.0`.
Coming from https://github.com/opensearch-project/opensearch-build/issues/4681. Please follow the following checklist.
__Please refer to the DATES in that post_…
-
I haven't found any test that includes looking at the Content Security Headers.
I would expect this to be included either in
- `02-Configuration_and_Deployment_Management_Testing` or in
- `11-…
phish updated
2 years ago
-
## Summary
The Security serverless roles in Kibana are defined in multiple places using different formats, causing pain and confusion when they need to be updated.
In Kibana these roles are used…
semd updated
7 months ago
-
How should we handle testing events or expected exceptions such as security or business rule violation?
-
# Open Grant Proposal: Proposal for Implementing Blockchain Explorer Tracking System
**Exploring tracking system:**
**Other:** Choose one of `Developer and data tooling`, `Applications`, `Integra…
-
### Proposed Changes
- `add_header X-Content-Type-Options nosniff;` to `server` section
- Recommend `server_tokens off;` in `http` section of `/etc/nginx/nginx.conf`?
### Justification
…
-
I have a local server, running SFTP. I am able to reliably access it from my computer (e.g. using FileZilla or gvfs-enabled file managers), but for some reason, accessing it through nxmp is incredibly…
-
The tool is an excellent replacement for a screen reader for rapid a11y testing, except for one big problem: it ignores the contents of iframes. A lot of academic course content is enclosed in iframe…