securityheaders / securityheaders-bugs

Bug tracker for https://securityheaders.io
20 stars 0 forks source link

display-capture is detected as an invalid feature-policy directive #69

Open evilaliv3 opened 5 years ago

evilaliv3 commented 5 years ago

While implementing the Feature-Policy header in Globaleaks (https://github.com/globaleaks/GlobaLeaks/issues/2667) and retesting it with https://securityheaders.com/ i just found out that display-capture is detected as an invalid feature-policy directive.

This could be retested using: https://securityheaders.com/?q=try.globaleaks.org&followRedirects=on

screenshot-securityheaders com-2019 08 30-15_07_33

Malvoz commented 5 years ago

There are potentially more features missing, see: