fmaury/seirdy.one
1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-23 21:02:09 +00:00
Code Issues Projects Releases Wiki Activity

fix dead link

Browse source
This commit is contained in:
Rohan Kumar 2022-11-26 11:20:46 -08:00
parent 7b82b044db
commit 450a8dfd53
No known key found for this signature in database
GPG key ID: 1E892DB2A5F84479
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
content/notes/website-security-scanners.md
View file

@ -5,7 +5,7 @@ replyURI: "https://plem.sapphic.site/notice/APB6VSqinvWjm1yHgW"
replyTitle: "why does hardenize still check for Expect-CT when the header is deprecated" replyTitle: "why does hardenize still check for Expect-CT when the header is deprecated"
replyType: "SocialMediaPosting" replyType: "SocialMediaPosting"
replyAuthor: "r3g_5z" replyAuthor: "r3g_5z"
replyAuthorURI: "https://blog.terezi.dev/" replyAuthorURI: "https://blog.girlboss.ceo/"
--- ---
Speaking generally: I think most website security scanners (Webbkoll, Observatory, et al) lend themselves to cargo-cults. You don't need [most Content Security Policy directives](https://w3c.github.io/webappsec-csp/#csp-directives) for a PNG file, for instance. Warning against a missing `X-Frame-Options` feels wrong: even the latest version of iOS 9---the oldest iOS release to support secure TLS 1.2 <abbr>ECDSA</abbr> ciphers---seems to support `frame-ancestors` (correct me if I'm wrong). Speaking generally: I think most website security scanners (Webbkoll, Observatory, et al) lend themselves to cargo-cults. You don't need [most Content Security Policy directives](https://w3c.github.io/webappsec-csp/#csp-directives) for a PNG file, for instance. Warning against a missing `X-Frame-Options` feels wrong: even the latest version of iOS 9---the oldest iOS release to support secure TLS 1.2 <abbr>ECDSA</abbr> ciphers---seems to support `frame-ancestors` (correct me if I'm wrong).