Loading...

XML

Word

Printable

Type: Improvement
Resolution: Unresolved
Priority: P4: Low
Fix Version/s: None
Affects Version/s: None
Component/s: qt-project.org, qt.io
Labels:
None

Mozilla published a tool to evaluate site security recently. I ran that on the Qt sites for the fun of it. The results are pretty bad IMHO:

Qt.io gets a D-.
qt-project.org gets an D-.
bugreports.qt.io gets an D-.
~~doc.qt.io gets an F.~~
codereview.qt-project.org gets an F.
wiki.qt.io gets an F.
code.qt.io gets an F.
login.qt.io gets an F.
forum.qt.io gets an F.
lists.qt-project.org gets an F.

Can we please do something about these ratings? Especially the sites with user-generated contents should make use of all the XSS protection they can get their hands on.

resulted in

QTWEBSITE-990 Bad grade for security from observatory.mozilla.org

Open

- Issue Only
- Show All Reviews
- Show Open Reviews

For Gerrit Dashboard: QTWEBSITE-731
#	Subject	Branch	Project	Status	CR	V
350882,1	WIP: Add Content Security Policy (CSP) implementation	master	www/qtproject	Status: ABANDONED	-2	0

Assignee:: Cristian Maureira-Fredes

Reporter:: Tobias Hunger

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 12 Sep '16 08:33

Updated:: 25 May '21 11:33

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

WIP: Add Content Security Policy (CSP) implementation: Gerrit Review:

Details

Description

Attachments

Issue Links

Gerrit Reviews

Activity

People

Dates

Gerrit Reviews