[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058472#comment-15058472
]
Forrest Rae commented on OFBIZ-6766:
Jacques, apologies for the questions if they weren't applicable,
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058479#comment-15058479
]
Jacques Le Roux commented on OFBIZ-6766:
As I said in my conclusion, I think this and others
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058376#comment-15058376
]
Forrest Rae commented on OFBIZ-6766:
One more thing, are any of these going to be backported?
>
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058373#comment-15058373
]
Forrest Rae commented on OFBIZ-6766:
Also, definitely enable support for CORS, there is a great
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058440#comment-15058440
]
Jacques Le Roux commented on OFBIZ-6766:
I had a try at using HttpHeaderSecurityFilter and I must
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058469#comment-15058469
]
Jacques Le Roux commented on OFBIZ-6766:
Hi Forrest, seems that we cross-posted, please read my
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058482#comment-15058482
]
Jacopo Cappellato commented on OFBIZ-6766:
--
For your information:
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058515#comment-15058515
]
Jacques Le Roux commented on OFBIZ-6766:
If you want to see it all use "View" on trunk HEAD at
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058394#comment-15058394
]
Forrest Rae commented on OFBIZ-6766:
Two useful sites besides CheckYourHeaders:
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058500#comment-15058500
]
Jacques Le Roux commented on OFBIZ-6766:
strict-transport-security (hst header) was done with
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058368#comment-15058368
]
Forrest Rae commented on OFBIZ-6766:
Jacques,
In the spirit of secure by default I'd like to throw my
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058505#comment-15058505
]
Jacques Le Roux commented on OFBIZ-6766:
I put some reference above (and now below), you can
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058506#comment-15058506
]
Jacques Le Roux commented on OFBIZ-6766:
Thanks Jacopo, quite new :)
> Secure HTTP headers
>
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058474#comment-15058474
]
Jacques Le Roux commented on OFBIZ-6766:
I'm not sure yet
> Secure HTTP headers
>
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058471#comment-15058471
]
Jacques Le Roux commented on OFBIZ-6766:
4th step at r1720213: X-XSS-Protection
> Secure HTTP
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15058473#comment-15058473
]
Jacques Le Roux commented on OFBIZ-6766:
Thanks, I will check that
> Secure HTTP headers
>
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15056856#comment-15056856
]
Jacques Le Roux commented on OFBIZ-6766:
Actually I put back r1719762, see why at OFBIZ-6655
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15055499#comment-15055499
]
Jacques Le Roux commented on OFBIZ-6766:
While working on a mean to introduce X-XSS-Protection in
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15054789#comment-15054789
]
Jacques Le Roux commented on OFBIZ-6766:
4th step at revision: 1719762: setCookie
> Secure HTTP
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15054803#comment-15054803
]
Jacques Le Roux commented on OFBIZ-6766:
The work on Set-Cookie will be done by OFBIZ-6655
>
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15054802#comment-15054802
]
Jacques Le Roux commented on OFBIZ-6766:
I reverted r1719762 at r1719764 because of OFBIZ-6655
>
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15054289#comment-15054289
]
Jacques Le Roux commented on OFBIZ-6766:
2nd commit at revision: 1719682
> Secure HTTP headers
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15054249#comment-15054249
]
Jacques Le Roux commented on OFBIZ-6766:
1st commit at revision: 1719660
> Secure HTTP headers
[
https://issues.apache.org/jira/browse/OFBIZ-6766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15054314#comment-15054314
]
Jacques Le Roux commented on OFBIZ-6766:
3rd step at revision: 1719684
> Secure HTTP headers
>
24 matches
Mail list logo
