Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Grow your Fabric skills and prepare for the DP-600 certification exam by completing the latest Microsoft Fabric challenge.

abduljaleelvp7

Microsoft Power BI report Server - Setup response headers

Submitted by on ‎01-05-2021 08:59 PM

During the security scanning for Microsoft power bi server, one of our client has identified few response headers and other defects.
As we have seen that the report server doesn't have an option to set up the web server and response header configurations, could you please assist us in setting up the response headers for the BI Server.

below are the reported defects.
- Cross site scripting (content-sniffing)
Affected Item (/reports/api/v2.0/SystemResources)
- Slow HTTP Denial of Service Attack
Your web server is vulnerable to Slow HTTP DoS (Denial of Service) attacks.
- Cookies with missing, inconsistent or contradictory propertiesAffected Item (/RPA/Cookie_Validator.js)
- HTTP Strict Transport Security (HSTS) not implemented
- Content Security Policy (CSP) not implemented / Insecure Referrer Policy

For majority of the defects, we cannot apply the fixes as the web server property is not found or urlrewrite cannot be found as part of the report server.

Please advise

Thank You,
Abdul Jaleel 

@Admin 

Status: New
See more ideas labeled with:
1 Comment (1 New)
Comments
Idea Statuses