View Issue Details

IDProjectCategoryView StatusLast Update
0001116bugs.cacert.orgmiscpublic2014-01-08 00:22
ReporterBenBE Assigned ToNEOatNHNG  
Status closedResolutionfixed 
Summary0001116: Setup HSTS for Bugtracker
DescriptionThe bugtracker should advertise HSTS by sending a "Strict-Transport-Security" with at least 3 months timeout
Steps To ReproduceRequest the Bugtracker with HTTPS, now call with HTTP only. Supporting browsers now should enforce HTTPS even when HTTP is given once a successful secure connection was established.
TagsNo tags attached.


related to 0000666 new Mantis allows login without SSL/TLS 
related to 0000683 closedNEOatNHNG password resets no using smtp-tls 



2013-09-23 23:37

administrator   ~0004346

HSTS is enabled now.

Issue History

Date Modified Username Field Change
2012-11-20 23:12 BenBE New Issue
2012-11-20 23:12 BenBE Assigned To => NEOatNHNG
2013-07-10 23:59 BenBE Relationship added related to 0000666
2013-07-11 00:00 BenBE Relationship added related to 0000683
2013-09-23 23:37 NEOatNHNG Note Added: 0004346
2013-09-23 23:37 NEOatNHNG Status new => solved?
2013-09-23 23:37 NEOatNHNG Resolution open => fixed
2014-01-08 00:22 INOPIAE Status solved? => closed