To Check: securityheaders.com

  • TecnoMax

    (@tecnomax)


    2 years, 9 months ago

    Hi

    Just for informational purposes, I did some tests on my web site at: https://securityheaders.com/

    A warning message is displayed after the latest version in securityheaders.com: Content-Security-Policy There was an unknown or duplicate directive “,”. The CSP directive , contains upgrade-insecure-requests as a source expression. Should this be “, …; upgrade-insecure-requests …” instead?

    Permissions-Policy We detected an invalid directive, “window-management”.

    I imagine everything works fine with the plugin. It’s just checking.

    Thanks your plugin is excellent!

Viewing 1 replies (of 1 total)
  • Plugin Author Andrea Ferro

    (@unicorn03)

    2 years, 9 months ago

    Thank you @tecnomax for using my plugin and for creating the topic to share your experience. I really appreciate your feedback and taking the time to run tests on your website.

    I am Andrea and I will help you answer the various questions in the topic. Regarding the Content-Security-Policy the plugin sets a standard value and then from version 5.0.27 you can customize the CSP headers directly from the plugin settings (this is to allow the user who wants to have more).

    Yes! I confirm that the plugin on the reported issues works without causing performance errors or malfunctions.

    For the window-management directive I confirm you that the upcoming version 5.0.28 will fix the value.

    thank you again for the open thread and please feel free to write to me with further concerns or questions

Viewing 1 replies (of 1 total)

The topic ‘To Check: securityheaders.com’ is closed to new replies.

Tags