[ClusterLabs] HSTS Missing From HTTPS Server on pcs daemon

S Sathish S s.s.sathish at ericsson.com
Tue Apr 4 13:14:23 EDT 2023

Hi Tomas/Team,

In our case PCS WEB UI us disabled while accessing PCS WEB UI URL we are getting 404 response, As you stated we are getting this vulnerability "HSTS Missing From HTTPS Server"  on Tenable scan.

While going through changelog we can see fixes are available in unreleased version can we know when we can expect formally release ? any tentative timeline please.

Set Content-Security-Policy: frame-ancestors 'self'; default-src 'self' HTTP header for HTTP 404 responses (rhbz#2160555<https://bugzilla.redhat.com/show_bug.cgi?id=2160555>)
Thanks and Regards,
S Sathish S

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clusterlabs.org/pipermail/users/attachments/20230404/9bb54110/attachment.htm>

More information about the Users mailing list