[ClusterLabs] HSTS Missing From HTTPS Server on pcs daemon

Tomas Jelinek tojeline at redhat.com
Thu Apr 6 05:07:18 EDT 2023

Hi S Sathish S,

New pcs-0.10.16 version containing the fix for this issue has just been 
released upstream.


Dne 04. 04. 23 v 19:14 S Sathish S napsal(a):
> Hi Tomas/Team,
> In our case PCS WEB UI us disabled while accessing PCS WEB UI URL we are 
> getting 404 response, As you stated we are getting this vulnerability 
> “HSTS Missing From HTTPS Server”  on Tenable scan.
> While going through changelog we can see fixes are available in 
> unreleased version can we know when we can expect formally release ? any 
> tentative timeline please.
> Set |Content-Security-Policy: frame-ancestors 'self'; default-src 
> 'self'| HTTP header for HTTP 404 responses (rhbz#2160555 
> <https://bugzilla.redhat.com/show_bug.cgi?id=2160555>)
> Thanks and Regards,
> S Sathish S

More information about the Users mailing list