Project

General

Profile

Actions
Copy link

Task #100032

closed

Add default HTTP security headers for backend

Added by Torben Hansen about 1 year ago. Updated 3 months ago.

Status:
Closed
Priority:
Should have
Assignee:
Torben Hansen
Category:
-
Target version:
12 LTS
Start date:
2023-02-25
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

The TYPO3 backend should use common HTTP security headers by default.

The following HTTP security headers can safely be added:

  • Strict-Transport-Security (if [BE][lockSSL] is set or of the backend is accessed using HTTPS)
  • X-Content-Type-Options
  • Referrer-Policy
Actions
Copy link
 #1

Updated by Torben Hansen about 1 year ago

  • Description updated (diff)
Actions
Copy link
 #2

Updated by Gerrit Code Review about 1 year ago

  • Status changed from New to Under Review

Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/77946

Actions
Copy link
 #3

Updated by Torben Hansen about 1 year ago

  • Target version set to 12 LTS
Actions
Copy link
 #4

Updated by Gerrit Code Review about 1 year ago

Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/77946

Actions
Copy link
 #5

Updated by Torben Hansen about 1 year ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions
Copy link
 #6

Updated by Benni Mack 3 months ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF