Security headers are missing #6623
Replies: 3 comments
-
Hi @AkashThoriya, Yes, the CSP header is missing because it impacts the whole content of the homepage, and I am also aware of that. I will add this but needs to check the content also as this will block all the dynamic contents mostly. |
Beta Was this translation helpful? Give feedback.
-
Yes, you are right, it impacts the whole content of the homepage. |
Beta Was this translation helpful? Give feedback.
-
@devansh-webkul @dseguy @emtudo Because it's really important as security point of view |
Beta Was this translation helpful? Give feedback.
-
Bug Report
Few security-related headers are missing
Issue Description
CSP policies headers are not here
Bagisto Version
Latest version
Steps To Reproduce
Generate demo via https://demo.bagisto.com/ and
paste link into these sites
https://cspvalidator.org/
https://securityheaders.com/
Actual Result
Headers are not there
Expected Result
Headers must be there
Beta Was this translation helpful? Give feedback.
All reactions