AnsweredAssumed Answered

HTTP Security Header Not Detected

Question asked by Stan Willis on Jun 12, 2017
Latest reply on Sep 6, 2017 by Sheela Sarva

HTTP Security Header Not Detected.  Are there any additional details what I can pass along to the developers for this new vuln?  The results for this QID are not very descriptive.

 

RESULTS:

X-Frame-Options HTTP Header missing on port 80.

GET / HTTP/1.1

Host: m.hrblock.com

Connection: Keep-Alive

X-XSS-Protection HTTP Header missing on port 80.

X-Content-Type-Options HTTP Header missing on port 80.

Outcomes