Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Minor
Fix Version/s: 24.0.0.Beta3, 24.0.0.Final
Affects Version/s: None
Component/s: Management, Security
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly-core/pull/5894

DAST scanning of WildFly has picked up that on the management interface the Anti-MIME-Sniffing header X-Content-Type-Options is not set to 'nosniff'.

See https://owasp.org/www-project-secure-headers/#x-content-type-options for background information.

relates to

WFLY-19101 Add test checking for X-Content-Type-Options header in management console

Resolved

Assignee:: Chao Wang

Reporter:: Brian Stansberry

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2024/03/04 6:17 PM

Updated:: 2024/04/25 4:58 PM

Resolved:: 2024/03/14 8:27 PM