指摘事項 #165
Apacheのhttpd.confに下記を設定する。
・Strict-Transport-Security
---
Header always set Strict-Transport-Security "max-age=63072000"
---
・X-Content-Type-Options
---
Header always append X-Content-Type-Options "nosniff"
---
・X-Frame-Options
---
Header always append X-FRAME-OPTIONS "DENY"
---
・Cache-Control
---
FileEtag None
RequestHeader unset If-Modified-Since
Header set Cache-Control no-store
---
→対応後の確認結果を添付
---------------
対応確認いたしました。
・Strict-Transport-Security
---
Header always set Strict-Transport-Security "max-age=63072000"
---
・X-Content-Type-Options
---
Header always append X-Content-Type-Options "nosniff"
---
・X-Frame-Options
---
Header always append X-FRAME-OPTIONS "DENY"
---
・Cache-Control
---
FileEtag None
RequestHeader unset If-Modified-Since
Header set Cache-Control no-store
---
→対応後の確認結果を添付
---------------
対応確認いたしました。