Comments (7)
Hmm IIRC you could define it a bit higher on the server level maybe your hoster could take a look there?
You could also try to use: Header always set within the htaccess as that should overrule such setup. But after that I'm going to be out of ideas here sorry.
As you confirmed that its not an issue within the plugin i'm closing here for now. Feel free to update here once you found the solution. Thanks!
from plg_system_httpheader.
Hi,
the issue is that nowdays the "no-referrer-when-downgrade" (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) is the default behavior so when you want to be more strict you should set the header to something more strict than that for example same-origin
Than this issues should not come up again.
from plg_system_httpheader.
@zero-24 Still the warning. I wrote this here, because I saw if you add, all what do the plugin directly in the .htaccess then do not show this warning. So, I was/still not sure if can be relate with the plugin
from plg_system_httpheader.
hmm from your sceenshot it seems there are two headers with the same name but one that is empty? Could it be a rule from the htaccess?
from plg_system_httpheader.
I did not notice that. No, I not touched the .htaccess at all, but will check it. This is very strange.
from plg_system_httpheader.
@carlitorweb Do you have any update here? Was that solved in the meantime? Could you find the place where the empty rule was comming from?
from plg_system_httpheader.
@zero-24 Is not the plugin for sure, that I know 100% after test it well. So, you can close this entry.
However, I still getting the empty referrer-policy. I checked the .htaccess and is clean. The template too. I not sure where else this can be defined, I not found any other place for search.
from plg_system_httpheader.
Related Issues (20)
- RSS feeds not working anymore after enabling the plugin HOT 2
- Feature request: Secure and HttpOnly cookies HOT 4
- Update from 1.0.11 to 1.0.12 does not go through HOT 9
- Error parsing header X-XSS-Protection HOT 9
- Headers added only to admin section HOT 10
- [enhancement] Add support for Permissions-Policy HOT 7
- can I have a version of httpHeader special for php 5.4 only HOT 1
- purchased Template ignoring your plugin HOT 2
- Question About Plugin Effectiveness HOT 6
- Hashes do not match HOT 12
- Missing translations HOT 2
- Update to new version HOT 2
- Testing HttpHeader Plugin HOT 7
- Adding a ftp subdomain to CSP HOT 6
- Improvement to be made HOT 2
- Removing headers HOT 4
- [Feature request] Add support for enabling / disabling limiting headers to the defined list. HOT 10
- Missing Headers - Permissions-Policy HOT 6
- What would cause this plugin to stop working, code is showing up on my website headers? HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from plg_system_httpheader.