Skip to content

Additional Security Headers #1148

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
russjones opened this issue Jul 18, 2017 · 0 comments
Closed

Additional Security Headers #1148

russjones opened this issue Jul 18, 2017 · 0 comments

Comments

@russjones
Copy link
Contributor

Problem

Modern security browsers have added several headers that can assist in security related issues. For example, Strict Transport Security can be used to inform a browser that all requests to this domain must be over HTTPs.

We should investigate what additional security headers make sense and implement them in Teleport.

Proposed Solution

Investigate the following headers:

  • Caching related.
  • Cross-site scripting (XSS)
  • Embedding iframes.
  • Strict Transport Security.
  • Content security policy.
  • Content sniffing.
@alex-kovoy alex-kovoy mentioned this issue Jul 18, 2017
Merged
hatched pushed a commit to hatched/teleport-merge that referenced this issue Nov 30, 2022
adds (preview) to Share Directory menu item (gravitational#1148)
0f0b5f6
hatched pushed a commit that referenced this issue Dec 20, 2022
adds (preview) to Share Directory menu item (#1148)
5e653d5
hatched pushed a commit that referenced this issue Feb 1, 2023
[v10] Backport #1148 and #1153 (#1156)
b9ce54c 
* adds (preview) to Share Directory menu item (#1148)

* Adds special handling for CapsLock on MacOS (#1153)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@russjones