root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
gitlab-ce/doc/user/application_security/dast/checks/16.9.md

1.2 KiB
Raw Permalink Blame History

stage group info
Secure Dynamic Analysis To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments

Content-Security-Policy-Report-Only analysis

Description

A Content-Security-Policy-Report-Only (CSPRO) was identified on the target site. CSP-Report-Only headers aid in determining how to implement a Content-Security-Policy that does not disrupt normal use of the target site.

Remediation

Follow the recommendations to determine if any actions are necessary to harden this Content-Security-Policy-Report-Only. After all alerts have been resolved, we recommend that this header be changed to Content-Security-Policy.

Details

ID Aggregated CWE Type Risk
16.9 true 16 Passive Info

Links