[LON-CAPA-admin] Content Security Policy, Referrer-Policy, and Permissions-Policy headers in LON-CAPA
Michael Dugdale
michael.dugdale at johnabbott.qc.ca
Tue Sep 28 20:49:47 EDT 2021
Hi,
I was just checking for SSL certificate issues on our cluster (all’s good on that front) but it reminded me that I had intended to ask about setting Content Security Policy, Referrer-Policy, and Permissions-Policy headers on a LON-CAPA installation.
Not setting these shows up on some site security scans, and this may become an issue in the future (looking ahead to our IT department taking over our installation). I was wondering if anyone knew about possible “safe” (as in, won’t break LON-CAPA functionality) settings for these headers.
Thanks in advance for any thoughts,
Cheers,
Michael
Michael Dugdale
Physics Department,
John Abbott College,
21275 Lakeshore Road,
Sainte-Anne-de-Bellevue, QC H9X 3L9
Canada
(514) 457-6610 Ext. 5 888
michael.dugdale at johnabbott.qc.ca<mailto:michael.dugdale at johnabbott.qc.ca>
Co-director, SALTISE
https://www.saltise.ca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.lon-capa.org/pipermail/lon-capa-admin/attachments/20210929/1e9b8544/attachment.html>
More information about the LON-CAPA-admin
mailing list