Nextcloud 14 Beta 3 The "Referrer-Policy" HTTP header is not set to "no-referrer" #10624
Comments
|
So it is not and error it is a warning as you can see. |
|
Okay, this is an browser issue? I don’t get this warning on NC 13 ??
…Sent from my iPhone X
On Aug 9, 2018, at 1:52 PM, Roeland Jago Douma <notifications@github.com<mailto:notifications@github.com>> wrote:
So it is not and error it is a warning as you can see.
It is warning you a header is not set which makes your browser forward any referrer information which is not recommended. So the system is actually doing what it should do. Warning you.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub<#10624 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AXb4Q5_WaktuQnBe6HHTTbIhviz9lBYqks5uPIT9gaJpZM4V15Zb>.
|
|
Ah no. It is a new security header. We only added a check for it in NC14. That si why it shows up in the beta ;) |
|
@rullzer is this warrning always going to show? |
|
Yes. Unless you set the header. Same as for the other security header we recommend |
|
@rullzer Thank you! how do i set the header and where ? |
|
@rullzer any update on this? |
|
@andyxh This header needs to be added into your vhost conf. Ex: <VirtualHost *:443> |
It should be added to the NC docs as well, not? The location where and what do add, like with this other header that's documented. Currently there is a W3C link, but I think it's not very comprehensive for everyone. |
|
I agree with @mathiasconradt. Only figured out what to do with @ShipNecro comment. |
|
Why not add these headers to the |
Hello getting this error in NC 14 Beta 3
The text was updated successfully, but these errors were encountered: