[Reuqest] Security Headers (CSP) should be added - especially `X-Frame-Options`

jeboehm / docker-mailserver

Docker Mailserver based on the famous ISPMail guide

MIT License

371 stars 97 forks source link

[Reuqest] Security Headers (CSP) should be added - especially `X-Frame-Options` #230

Closed the-hotmann closed 1 year ago

the-hotmann commented 1 year ago

All endpoints should be tested against https://securityheaders.com and at least X-Frame-Options should be set to prevent malicious visitors' attacks.

All endpoints should be checked:

/manager/
/webmail/
/rspamd/

Thanks in advance!

jeboehm commented 1 year ago

Thank you @MartinHotmann! This will be solved in #241