The server does not use HSTS-Headers and is vulnerable to „clickjacking“

Thread starter Michal S
Start date May 11, 2016

Michal S

New Member

May 11, 2016

1. PVEproxy server does not use HSTS-Headers.
2. PVEproxy server is vulnerable to „clickjacking“, because it does not make use of the X-Frame-Options HTTP header.

Is there an option to set this http header?

You must log in or register to reply here.

Bluesky LinkedIn Reddit Email Link

Top Bottom

Back

We value your privacy

We use essential cookies to make this site work, and optional cookies to enhance your experience.

See further information and configure your preferences

Accept all cookies Reject optional cookies
Essential cookies

These cookies are required to enable core functionality such as security, network management, and accessibility. You may not reject these.

Optional cookies

We deliver enhanced functionality for your browsing experience by setting these cookies. If you reject them, enhanced functionality will be unavailable.

Third-party cookies

Cookies set by third parties may be required to power functionality in conjunction with our captcha service provider for security and anti-spam purposes.

Detailed cookie usage

Privacy policy

Search

Search

The server does not use HSTS-Headers and is vulnerable to „clickjacking“

Michal S

New Member

We value your privacy