20 Lines or Less: Security Headers and DNS

What could you do with your code in 20 Lines or Less? That's the question we like to ask from, for, and of (feel free to insert your favorite preposition here) the DevCentral community, and every ...
Published Mar 14, 2016
Version 1.0
application delivery
iRules
Simon_Waters_13's avatar
Simon_Waters_13
Icon for Cirrostratus rankCirrostratus
Mar 15, 2016
Scott provides report-uri.io which allows reporting for CSP and HPKP violations, which could be added with only a couple of extra lines. https://report-uri.io/ Alas my no-sniff rule is rather more complex thanks to Jive software. As is every CSP I've ever done that is useful. I'm doing something similar for Wordpress, but have different ages for HSTS and HPKP which I think makes sense as HPKP may well want to be shorter than HSTS, and well the less said about trying to apply CSP to WordPress sensibly the better.