Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
CoreyYang
New Member

How to set CustomHeaders of PBIRS to private & no-store?

‎11-23-2023 12:50 AM

Recently my clients had taken vulnerability scans of PBIRS(on premise). The scan report indicates CWE: 525(Cache Management: Insecure Policy ( 11306 )) low issues. The scan software is Micro Focus. Recommed fix is: Set the Cache-Control directive to private and no-store.

PBIRS build version: 15.0.1113.165

File version: 1.18.8683.7488 

SSL: Yes

I've tried to apply CustomHeaders from "https://learn.microsoft.com/en-us/sql/reporting-services/tools/server-properties-advanced-page-repor...

CustomHeader value is as below:

<CustomHeaders> <Header> <Name>X-XSS-Protection</Name> <Pattern></Pattern> <Value>1; mode=block</Value> </Header> <Header> <Name>Cache-Control</Name> <Pattern></Pattern> <Value>private</Value> </Header> </CustomHeaders>

 

However, the scan result was the same as before. I'd like to know how to fix this low issue.

Labels:
Message 1 of 1
184 Views
0
0 REPLIES 0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All