Closed Bug 1290434 Opened 8 years ago Closed 8 years ago

Improve PaaS cluster security - HTTP headers

Categories

(Participation Infrastructure :: Community Ops, task)

Product:
Participation Infrastructure
Component:
Community Ops
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: nemo-yiannis, Unassigned)

References

Details

In order to improve the cluster security we need to implement the following headers in our haproxy level.

* X-Content-Type-Options
* X-Frame-Options
* X-XSS-Protection
See Also: → 1290410
It looks like this is not feasible to be implemented in the load-balancer level and we added a policy to always implement this in our app deployment level.

Minimum policy for http-observatory:

B for all community sites
A- for all our core mozilla sites
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.