[ClusterLabs] HSTS Missing From HTTPS Server on pcs daemon
Tomas Jelinek
tojeline at redhat.com
Thu Apr 6 05:07:18 EDT 2023
Hi S Sathish S,
New pcs-0.10.16 version containing the fix for this issue has just been
released upstream.
Regards,
Tomas
Dne 04. 04. 23 v 19:14 S Sathish S napsal(a):
> Hi Tomas/Team,
>
> In our case PCS WEB UI us disabled while accessing PCS WEB UI URL we are
> getting 404 response, As you stated we are getting this vulnerability
> “HSTS Missing From HTTPS Server” on Tenable scan.
>
> While going through changelog we can see fixes are available in
> unreleased version can we know when we can expect formally release ? any
> tentative timeline please.
>
> Set |Content-Security-Policy: frame-ancestors 'self'; default-src
> 'self'| HTTP header for HTTP 404 responses (rhbz#2160555
> <https://bugzilla.redhat.com/show_bug.cgi?id=2160555>)
>
> Thanks and Regards,
> S Sathish S
>
More information about the Users
mailing list