Feature #1011: Additional security features - OpenAtlas - Redmine

Feature #1011

Updated by Alexander Watzinger over 5 years ago

To provide additional security we tested OpenAtlas at Mozilla and tried to implent the suggestions: https://observatory.mozilla.org/analyze/demo-dev.openatlas.eu 

 Implemenation in application: 

 * Using secure cookies: https://infosec.mozilla.org/guidelines/web_security#cookies 

 Testing implementation and adding to install notes: 

 * HTTP Strict Transport Security https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security 
 * X-Content-Type-Options https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options 
 * X-Frame-Options https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options 
 * X-XSS-Protection https://infosec.mozilla.org/guidelines/web_security#x-xss-protection X-Content-Type-Options https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options

Back

Project

General

Profile

OpenAtlas

Feature #1011