• last updated 11 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
added test for xotcl/version-numbers

Added state of "robots.txt" and "security.txt" to posture overview

  1. … 1 more file in changeset.
increased timeout for checking requests on own site

fixed URLs

  1. … 1 more file in changeset.
New pages for admins: Security and Privacy Posture Overview

As expressed as a wish from OpenACS users at the last OpenACS

conference, a "Security and Privacy Posture Overview" was added that

offers a quick overview of the state of the system and eases access to

the parameters scattered over different packages in the system.

The page offers:

- Quick overview

- Check of security and privacy relevant package parameters

- Permission and accessibility check of mounted packages

- Response header check

- External library check (CDN vs local usage, vulnerable or outdated libraries)

TODO: One should probably reconsider the permissions of some of the standard site nodes

(similar to what we did with the API browser some time ago).

  1. … 3 more files in changeset.
file posture-overview.tcl was initially added on branch oacs-5-10.