rombert commented on pull request #14: URL: https://github.com/apache/sling-org-apache-sling-xss/pull/14#issuecomment-1029083475
Unfortunately this introduces new warnings so can't be merged as-is ``` 03.02.2022 15:37:05.472 *WARN* [Apache Sling Repository Startup Thread #1] org.owasp.validator.html.Policy The directive "noopenerAndNoreferrerAnchors" is not enabled by default. It is recommended to enable it to prevent reverse tabnabbing attacks. 03.02.2022 15:37:05.516 *WARN* [Apache Sling Repository Startup Thread #1] org.owasp.validator.html.Policy The directive "noopenerAndNoreferrerAnchors" is not enabled by default. It is recommended to enable it to prevent reverse tabnabbing attacks. ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
