X-Frame-Options or Content-Security-Policy: frame-ancestors HTTP Headers missing on port 8012
Article ID: 93273
Updated On:
Products
CA Application Test
CA Continuous Application Insight (PathFinder)
Issue/Introduction
The Vulnerability Scan Report shows,
"X-Frame-Options or Content-Security-Policy: frame-ancestors HTTP Headers missing on port 8012.
GET / HTTP/1.0 Host: sampleserver.sample.com:8012 X-XSS-Protection HTTP Header missing on port 8012. X-Content-Type-Options HTTP Header missing on port 8012. Content-Security-Policy HTTP Header missing on port 8012."
"X-Frame-Options or Content-Security-Policy: frame-ancestors HTTP Headers missing on port 8012.
GET / HTTP/1.0 Host: sampleserver.sample.com:8012 X-XSS-Protection HTTP Header missing on port 8012. X-Content-Type-Options HTTP Header missing on port 8012. Content-Security-Policy HTTP Header missing on port 8012."
Environment
All supported DevTest environments
Cause
We noticed the following:
HTTPS VSM listening on port 8012
Path to the webreckeys keys in the VSM Listen Step were different.
HTTPS VSM listening on port 8012
Path to the webreckeys keys in the VSM Listen Step were different.
Resolution
Stopped the service that is running on port 8012
Updated the path to webreckeys.ks as that was incorrect.
Ran the vulnerability scan and did not see any issues.
Updated the path to webreckeys.ks as that was incorrect.
Ran the vulnerability scan and did not see any issues.
Feedback
Yes
No
Powered by
