Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
jpg
webinterfacecsp.jpg 109.0 kB 1 05-Dec-2023 05:32 Ada Csaba
jpg
webinterfacecsp_2.jpg 339.0 kB 1 05-Dec-2023 05:32 Ada Csaba

This page (revision-28) was last changed on 05-Dec-2023 05:32 by Ada Csaba

This page was created on 05-Dec-2023 05:32 by Ada Csaba

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 1 changed 2 lines
On this page can set various security HTTP headers.\\
[{Image src='webinterfacecsp.jpg' width='..' height='..' align='left' style='..' class='..' }]\\
On this page can set the __Content Security Policy (CSP)__ and various other security HTTP headers.\\
At line 3 added 25 lines
External link\\
[https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP|https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP]
\\
[{Image src='webinterfacecsp_2.jpg' width='1650' height='..' align='left' style='..' class='..' }]\\
\\
The CSP header comes with default policy
{{{
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
}}}
\\\
editable in the GUI. The __Domains Allowed__ field values extend the policy with external source domain directives.\\
\\
The __Other Headers__ section allows adding miscellaneous headers, the format required is\\
{{{
Header-Name:header value #1;header value #2;
}}}
We set the following security headers by default:\\
\\
*__HSTS__ [External link: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security|https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security]
*__Referrer-Policy__ [External link: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy|https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy]
*__X-Content-Type__ [External link: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options|https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options]
*__XSS policy headers__ [External link: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection|https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection]
*__Cache Control policy headers__ [External link: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control|https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control]
\\
Can add up to 20 additional headers in this section. This may be extended in future releases.\\
At line 5 removed one line
Version Date Modified Size Author Changes ... Change note
28 05-Dec-2023 05:32 1.89 kB Ada Csaba to previous
27 05-Dec-2023 05:32 1.889 kB Ada Csaba to previous | to last
26 05-Dec-2023 05:32 1.904 kB Ada Csaba to previous | to last
25 05-Dec-2023 05:32 1.904 kB Ada Csaba to previous | to last
24 05-Dec-2023 05:32 1.9 kB Ada Csaba to previous | to last
23 05-Dec-2023 05:32 1.704 kB Ada Csaba to previous | to last
22 05-Dec-2023 05:32 1.685 kB Ada Csaba to previous | to last
21 05-Dec-2023 05:32 1.681 kB Ada Csaba to previous | to last
« This page (revision-28) was last changed on 05-Dec-2023 05:32 by Ada Csaba
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
LeftMenu

JSPWiki