Releases: rfc-st/humble
1.7
Feature. Added 7 new checks for fingerprint headers: 'X-Hudson', 'X-Jenkins', 'X-Jenkins-Session', 'X-CMS-Version', 'X-Generated-By', 'X-Cache-Type' and 'X-Bitrix-Composite'.
Feature. 3 new checks for deprecated headers: 'X-Pad', 'X-Content-Security-Policy' and 'X-Webkit-CSP'.
Feature. Check for available and obsolete CSP directives.
Feature. Update User Agent sent.
Fix. Improve empty HTTP response headers results.
Fix. Tune 'Access-Control-Allow-Origin' insecure checks.
Fix. Show all guides and references.
Fix. Improve README file.
Fix. Improved description of results and improve HTML style of some headers.
1.6
Feature. Added 10 new checks for fingerprint headers: 'X-Drupal-Cache-Contexts', 'X-Drupal-Cache-Tags', 'Product', 'X-Using-Nginx-Controller', 'SPIisLatency', 'SPRequestDuration', 'SPRequestGuid', 'X-MS-InvokeApp', 'X-SharePointHealthScore' and 'WP-Super-Cache'.
Feature. Check whether Content-Security-Policy contains at least one valid directive.
Feature. Block russian domains (https://github.com/rfc-st/humble/blob/master/CODE_OF_CONDUCT.md#update-20220326).
1.5
Feature. Added 2 new checks for fingerprint headers: 'simplycom-server' and 'Generator'.
Feature. Show analysis advices, prioritizing reviews based on results.
1.4
Feature. Added 5 new checks for fingerprint headers: 'Composed-By', 'X-Spip-Cache', 'X-Redirect-Powered-By', 'X-Provided-By' and 'X-Rack-Cache'.
Fix. Remove dead link and add new one
1.3
Feature. Add 9 new checks for fingerprint headers: 'X-Magento-Cache-Control', 'X-Magento-Cache-Debug', 'X-ServerName', 'X-Server-Name', 'X-TEC-API-ORIGIN', 'X-TEC-API-ROOT', 'X-TEC-API-VERSION', 'X-Varnish-Cache' and 'X-Varnish-CC',
Feature. Add "Features" to Readme file.
Feature. Update license years.
Fix. Improve insecure HTTP methods checks.
Fix. Improve HTML format of some insecure headers details.
Fix. Improve fingerprint checks description.
1.2
Feature. New fingerprint headers: 'Oracle-Mobile-Runtime-Version', 'X-AH-Environment', 'X-ORACLE-DMS-ECID' and 'X-ORACLE-DMS-RID',
Feature. New insecure value checks: 'Allow' and 'Access-Control-Allow-Methods'.
Fix. Improve parameters descriptions.
Fix. Better wording of findings.
1.1
Feature. New fingerprint headers: 'Hummingbird-Cache', 'X-Accel-Buffering', 'X-Accel-Redirect', 'X-Accel-Charset', 'X-Accel-Expires', 'X-Accel-Limit-Rate' and 'X-Shopify-Request-Trackable'.
Feature. Sort missing and insecure value headers.
Fix. Now reports all the headers, if none of them are enabled.
To-Do. Associate application and fingerprint header.
1.0
First official release of this 'humble' project.