Actions
Task #100032
closedAdd default HTTP security headers for backend
Start date:
2023-02-25
Due date:
% Done:
100%
Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Sprint Focus:
Description
The TYPO3 backend should use common HTTP security headers by default.
The following HTTP security headers can safely be added:
Strict-Transport-Security
(if[BE][lockSSL]
is set or of the backend is accessed using HTTPS)X-Content-Type-Options
Referrer-Policy
Actions