Skip to content

fix: add Referrer-Policy header check and update description#518

Open
balaakasam wants to merge 1 commit into
zaproxy:mainfrom
balaakasam:patch-1
Open

fix: add Referrer-Policy header check and update description#518
balaakasam wants to merge 1 commit into
zaproxy:mainfrom
balaakasam:patch-1

Conversation

@balaakasam

Copy link
Copy Markdown

Description

Adds a missing Referrer-Policy header check to the existing Multiple Security Header Check script and updates the metadata description to include it in the list of checked headers.

Changes

  • Added Referrer-Policy to the metadata description list
  • Added check for missing Referrer-Policy header with appropriate alert name, description, and solution

Why

The Referrer-Policy header is a modern security header recommended by OWASP and included in the OWASP Secure Headers Project. It was missing from this script while all other major security headers were already covered.

References

Signed-off-by: balaakasam <thripuraavula@gmail.com>
@psiinon

psiinon commented Jul 4, 2026

Copy link
Copy Markdown
Member

Logo
Checkmarx One – Scan Summary & Detailsb5001f10-97a8-4673-992d-676147667dba

Great job! No new security vulnerabilities introduced in this pull request


Use @Checkmarx to interact with Checkmarx PR Assistant.
Examples:
@Checkmarx how are you able to help me?
@Checkmarx rescan this PR

@kingthorin

Copy link
Copy Markdown
Member

Needs a spotlessApply.
Also the new addition may as well follow the array mechanism the original code already established for alert details.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Development

Successfully merging this pull request may close these issues.

3 participants