Closed phavekes closed 2 days ago
This issue is imported from pivotal - Originaly created at Feb 5, 2020 by Thijs Kinkhorst
As an admin interface, this should have an appropriate security headers to prevent exploits proactively:
Content-Security-Policy Referrer-Policy: same-origin X-Frame-Options: DENY X-Content-Type-Options: nosniff
This issue is imported from pivotal - Originaly created at Feb 5, 2020 by Thijs Kinkhorst
As an admin interface, this should have an appropriate security headers to prevent exploits proactively: