Versions Compared

Old Version 23

changes.mady.by.user Jacques Le Roux

Saved on

compared with

New Version 24

changes.mady.by.user Jacques Le Roux

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Adds Public-Key-Pins-Report-Only (though stuff)

...

Here are some documentation and links for each header:

Global references

https://blog.appcanary.com/2017/http-security-headers.html

...

OFBiz users can decide to change this parameter if they want 

Public-Key-Pins-Report-Only

To use in custom project only. Public-Key-Pins-Report-Only is interesting but can't be used OOTB because of demos (the letsencrypt certificate is renewed every 3 months)

Related Jira issues:

Jira
serverASF JIRA
serverId5aa69414-a9e9-3523-82ec-879b028fb15b
keyOFBIZ-6759

...