Loading...

XML

Word

Printable

Details

Type: Improvement
Resolution: Unresolved
Priority: P4: Low
Fix Version/s: None
Affects Version/s: None
Component/s: qt-project.org, qt.io
Labels:
None

Description

Mozilla published a tool to evaluate site security recently. I ran that on the Qt sites for the fun of it. The results are pretty bad IMHO:

Qt.io gets a D-.
qt-project.org gets an D-.
bugreports.qt.io gets an D-.
~~doc.qt.io gets an F.~~
codereview.qt-project.org gets an F.
wiki.qt.io gets an F.
code.qt.io gets an F.
login.qt.io gets an F.
forum.qt.io gets an F.
lists.qt-project.org gets an F.

Can we please do something about these ratings? Especially the sites with user-generated contents should make use of all the XSS protection they can get their hands on.

Attachments

Issue Links

resulted in

QTWEBSITE-990 Bad grade for security from observatory.mozilla.org

Open

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Cristian Maureira-Fredes

Reporter:: Tobias Hunger

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 12 Sep '16 08:33

Updated:: 25 May '21 11:33

Gerrit Reviews

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

WIP: Add Content Security Policy (CSP) implementation: Gerrit Review: