Maniphest T182535

Investigate maybe setting X-XSS-Protection header
Open, MediumPublic
Actions

Assigned To

None

Authored By

	Bawolff
	Dec 10 2017, 3:50 PM

Tags

Referenced Files

None

Subscribers

Jdforrester-WMF

View All 12 Subscribers

Description

Investigate setting X-XSS-Protection header.

Seems like we should figure out if we want it, and if so set to block. If we don't want, we should maybe consider disabling entirely.

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Declined		None	T165455 Go from "E" to "A+" on Securityheaders.io
		Open		None	T182535 Investigate maybe setting X-XSS-Protection header

Event Timeline

Bawolff created this task.Dec 10 2017, 3:50 PM

Bawolff triaged this task as Medium priority.

Bawolff mentioned this in T165455: Go from "E" to "A+" on Securityheaders.io.

Reedy updated the task description. (Show Details)Dec 10 2017, 5:47 PM

• matmarex unsubscribed.Dec 13 2017, 1:54 AM

Jdforrester-WMF subscribed.May 14 2018, 7:15 AM

MSantos mentioned this in T230811: Add appropriate security headers to MachineVision.Oct 14 2019, 3:14 PM

• chasemp added a project: Security.Feb 10 2020, 10:58 PM

• chasemp removed a project: acl*security.Feb 20 2020, 8:07 PM