I am running a SonarQube 4.2 instance on a Linux box. Since in our system we have a central portal page from where we navigate to all the child pages, I need to have SonarQube inside a frame. When I have an href, SonarQube denies it, which I guess is due to X-Frame-Options being set to SAMEORIGIN. Any clue how we can modify this?
Also, I need to provide CSRF protection in SonarQube. Jenkins comes with a built-in option to enable CSRF protection. Does SonarQube have anything similar?
Thanks in advance for all the inputs.
For the X-Frame option, this has been fixed in SQ 5.1 and you can actually verify this on our Nemo instance.
For the CSRF protection, we have an open ticket about this: SONAR-5040. Note that when an XSS vulnerability is discovered, we always fix it in the upcoming version as well as in the latest LTS version (currently 4.5.x).