Open phish opened 3 years ago
I believe this fits in the CONF chapter, and bypasses can link to it in the CLNT chapter.
Would love to add this in!
Are you interested to propose a plan for this addition?
I wont be able to work on this before the end of the year. If nothing has been done by then, I'll be happy to contribute.
Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors.
I've finished the document, I'll be posting a pull request soon.
Oopsie! I did a PR #708 earlier on this.
Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors.
Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors.
Please comment if you are still working on this issue, as it has been inactive for 90 days. To give everyone a chance to contribute, we are releasing it to new contributors.
Please comment if you are still working on this issue, as it has been inactive for 90 days. To give everyone a chance to contribute, we are releasing it to new contributors.
I haven't found any test that includes looking at the Content Security Headers. I would expect this to be included either in
02-Configuration_and_Deployment_Management_Testing
or in11-Client-side_Testing
where it is closely related to02-Testing_for_JavaScript_Execution.md
Typically, we should check for unsafe-eval and other potentially dangerous settings.