In November of 2010 I provided a progress update on work performed to ensure MantisBT 1.3.x fully supports the X-Content-Security-Policy feature of Firefox 4. At the time, MantisBT was only providing partial support of X-Content-Security-Policy due to a large amount of inline JavaScript contained within pages MantisBT was returning to clients. I am pleased to report that as of late December 2010, MantisBT no longer produces inline JavaScript in page outputs. Continue reading “X-Content-Security-Policy now fully implemented in MantisBT 1.3.x”
Category: MantisBT
MantisBT 1.2.4 Released
Howdy all,
MantisBT 1.2.4 is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are advised to upgrade to this release. Continue reading “MantisBT 1.2.4 Released”
Progress towards fully implementing X-Content-Security-Policy
MantisBT 1.2.1 introduced anti-clickjacking features in the form of both X-Content-Security Policy and X-Frame-Options HTTP headers. SHODAN is a search engine that allows the searching of HTTP server fingerprints obtained from internet facing hosts. If we search for X-Frame-Options in SHODAN’s database, just over 7000 results are returned. Performing the same check for the X-Content-Security-Policy header returns just over 90 results. Continue reading “Progress towards fully implementing X-Content-Security-Policy”
MantisBT 1.2.3 Released
Howdy folks,
MantisBT 1.2.3 is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are advised to upgrade to this release. Continue reading “MantisBT 1.2.3 Released”
MantisBT 1.2.2 Released
Howdy all,
MantisBT 1.2.2 is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are advised to upgrade to this release. Continue reading “MantisBT 1.2.2 Released”