Status report warnings

Created on 12 October 2021, about 3 years ago
Updated 22 July 2024, 5 months ago

Problem/Motivation

Everytime I go to my site Status Report: /admin/reports/status

I get two warnings:

CONTENT SECURITY POLICY Not configured
It is highly recommended to set a secure Content Security Policy. A recommended value would be `default-src https: data: \'unsafe-inline\' \'unsafe-eval\'`. See the HTTP Response Headers Help page for more information.
PUBLIC KEY PINS Not configured
It is highly recommended to configure your Public Key Pins. See the HTTP Response Headers Help page for more information.

I went into the headers configuration: /admin/config/system/response-headers

And deleted the content-security-policy and the -public-key-pins since I do not want to use these.
I am already using the content security policy module so do not need it here and will not be using public-key-pins at all.

However, when I go to status report, the warnings still show.
How can I get rid of these warning messages? Shouldn't they automatically go away if these two headers have been removed?

Thank you.

πŸ› Bug report
Status

Fixed

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States jsidigital

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024