how to fix Security issues

I have 5  issues from (securityheaders.com)  and how can I fix my problems, thanks.

Content-Security-Policy

Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets.

X-Frame-Options

X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. Recommended value "X-Frame-Options: SAMEORIGIN".

X-Content-Type-Options

X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff".

Referrer-Policy

Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites.

Permissions-Policy

Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser.

0
7 comments

Hi All 

Even if I upgrade from 2023.05.4 to 2023.11 version ,the Permissions-Policy is still happened , what can I do?

0

Hi,

Thank you for providing your feedback. 
I have submitted an issue on your behalf. You can track it for updates.

Note: please remove any sensitive data, as TeamCity forum is public.

0

Hi Tom
I can't see any thing from your suggestion information, please help me thanks.

YouTrack (jetbrains.com)

0

Hi Willie, 

Sorry for that.

It seems that you has no permission to access it. I have changed it, It should work now. 

 

0

Hi Tom

sorry again, I only can see as follwoing content, but I still don't know how to fix “Permissions-Policy” issues, please assis me.
Thanks ,
Willie

 

0

Hi Willie,

I reported this issue to our dev team. You can track TW-85567 for updates. 

Thanks.

0

I got it and thanks 

0

Please sign in to leave a comment.