Thanks, patch applied.
On Mon, Oct 19, 2020 at 7:17 PM Ganesh Jaybhay <
ganesh.jayb...@enterprisedb.com> wrote:
> Thank you Dave for the suggestion.
>
> Please find the attached updated patch to make HSTS by default disabled
> and conditional based on flag.
>
> Regards,
> Ganesh Jaybhay
>
> On Mo
Thank you Dave for the suggestion.
Please find the attached updated patch to make HSTS by default disabled and
conditional based on flag.
Regards,
Ganesh Jaybhay
On Mon, Oct 19, 2020 at 5:38 PM Dave Page wrote:
> Hi
>
> On Mon, Oct 19, 2020 at 1:01 PM Ganesh Jaybhay <
> ganesh.jayb...@enterpri
Hi
On Mon, Oct 19, 2020 at 1:01 PM Ganesh Jaybhay <
ganesh.jayb...@enterprisedb.com> wrote:
> Hi Hackers,
>
> Please find the attached patch to fix the below security issues:
>
>- Host Header Injection - Added ALLOWED_HOSTS list to limit host
>address
>- Lack of Content Security Polic
