Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

request #19302: Force Chromium-based browsers to segment the cache to defend against cache probing

Download Browse

This contribution set a new headers on all responses to tell browsers supporting the Fetch Metadata Request Headers to segment their cache according to the origin of the requests. This help to defend against cache-probing based cross-site leaks. No functional change is expected, after having redeployed your nginx configuration a new header should be present on every responses. Change-Id: I26bbe482c6d6dea40480ddad97e35435e146bf6f

+7 −0
Thomas Gerbet (tgerbet) 2021-02-12 15:58
Thomas Gerbet (tgerbet) 2021-02-12 15:58
6e3c18ff65c74acca1c8916276d06a181431b13c
013b22236edf07ad8b556d0a2813b269a5702b91
git #tuleap/stable/6e3c18ff65c74acca1c8916276d06a181431b13c

Modified Files

Side by side diff
Inline diff
Name
A src/etc/nginx/tuleap.d/11-vary-fetch-site-metadata.conf +7 −0 Go to diff View file