Hi, Jenkins is installed on Windows server. Our web scans show three low findings.

1) Cookie not marked as HttpOnly
2) [Possible] Cross-site Request Forgery
3) Missing X-Frame-Options header

Installed the Missing X-frame plugin and then set the option as SAMEORIGIN, but the scans still show it as a low finding. For the other two, I'm not able to find any resolution in Google search. Appreciate any inputs on this. Thanks in advance.
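
One way to confirm what the server actually returns for the two header-based findings (X-Frame-Options and HttpOnly), as an added example that is not part of the original post. The function name, the sample responses and the cookie names are constructed for illustration; the CSRF finding is not covered because it cannot be judged from response headers alone.

```python
import email

def audit_response(raw: str) -> list[str]:
    """Return findings for a raw HTTP response head (status line + headers)."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    _status, _, header_block = head.partition("\n")
    msg = email.message_from_string(header_block)  # keeps repeated headers
    findings = []

    # Framing protection: X-Frame-Options, or a CSP frame-ancestors directive.
    xfo = [v.strip().upper() for v in msg.get_all("X-Frame-Options", [])]
    csp = " ".join(msg.get_all("Content-Security-Policy", [])).lower()
    if not xfo and "frame-ancestors" not in csp:
        findings.append("missing X-Frame-Options")
    elif any(v not in ("DENY", "SAMEORIGIN") for v in xfo):
        findings.append("invalid X-Frame-Options value")
    elif len(set(xfo)) > 1:
        # e.g. the application and a proxy each add their own header
        findings.append("conflicting X-Frame-Options headers")

    # Every Set-Cookie header is checked separately for the HttpOnly attribute.
    for cookie in msg.get_all("Set-Cookie", []):
        name = cookie.split("=", 1)[0].strip()
        attrs = [a.strip().lower() for a in cookie.split(";")[1:]]
        if "httponly" not in attrs:
            findings.append(f"cookie {name} lacks HttpOnly")
    return findings

# Constructed sample responses (not captured from a real server).
BEFORE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html;charset=utf-8\r\n"
    "Set-Cookie: JSESSIONID.example=node0abc; Path=/\r\n"
    "\r\n"
)
AFTER = (
    "HTTP/1.1 200 OK\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "Set-Cookie: JSESSIONID.example=node0abc; Path=/; HttpOnly\r\n"
    "\r\n"
)
CONFLICT = AFTER.replace("\r\n\r\n", "\r\nX-Frame-Options: deny\r\n\r\n")

if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("after", AFTER), ("conflict", CONFLICT)):
        print(label, audit_response(raw))
```

Running the same check against the response head of each URL the scanner flags shows whether the header is absent on that specific path or present with an unexpected value.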
