Project

General

Profile

Cleanup #47341

Feature #47765: mgr/dashboard: security improvements

mgr/dashboard: securing CherryPy

Added by Ernesto Puerta 5 months ago. Updated 4 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
dashboard/backend
Target version:
% Done:

0%

Tags:
security
Backport:
nautilus, octopus
Reviewed:
Affected Versions:
Pull request ID:

Description

Ensuring we follow, as much as possible, Cherrypy security guidelines

  • Transmitting data:
    • Use Secure Cookies
  • Rendering pages:
    • Set HttpOnly cookies
    • Set XFrame options
    • Enable XSS Protection
    • Set the Content Security Policy

History

#1 Updated by Ernesto Puerta 4 months ago

  • Parent task set to #47765

Also available in: Atom PDF