how to fix Security issues
I have 5 issues from (securityheaders.com) and how can I fix my problems, thanks.
Content-Security-Policy
Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets.
X-Frame-Options
X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. Recommended value "X-Frame-Options: SAMEORIGIN".
X-Content-Type-Options
X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff".
Referrer-Policy
Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites.
Permissions-Policy
Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser.
Please sign in to leave a comment.
Hi All
Even if I upgrade from 2023.05.4 to 2023.11 version ,the Permissions-Policy is still happened , what can I do?
Hi,
Thank you for providing your feedback.
I have submitted an issue on your behalf. You can track it for updates.
Note: please remove any sensitive data, as TeamCity forum is public.
Hi Tom
I can't see any thing from your suggestion information, please help me thanks.
YouTrack (jetbrains.com)
Hi Willie,
Sorry for that.
It seems that you has no permission to access it. I have changed it, It should work now.
Hi Tom
sorry again, I only can see as follwoing content, but I still don't know how to fix “Permissions-Policy” issues, please assis me.
Thanks ,
Willie
Hi Willie,
I reported this issue to our dev team. You can track TW-85567 for updates.
Thanks.
I got it and thanks