Author Archives: David Hicks

MantisBT 1.3.x to produce XHTML strict output

Work is well underway towards modernising the user interface of MantisBT. The first step being taken towards this goal is to ensure that MantisBT 1.3.x produces XHTML strict page output. Bug #12545 tracks progress towards removing deprecated HTML 4 (and …


X-Content-Security-Policy now fully implemented in MantisBT 1.3.x

In November of 2010 I provided a progress update on work performed to ensure MantisBT 1.3.x fully supports the X-Content-Security-Policy feature of Firefox 4. At the time, MantisBT was only providing partial support of X-Content-Security-Policy due to a large amount …


Progress towards fully implementing X-Content-Security-Policy

MantisBT 1.2.1 introduced anti-clickjacking features in the form of both X-Content-Security-Policy and X-Frame-Options HTTP headers. SHODAN is a search engine that allows the searching of HTTP server fingerprints obtained from Internet-facing hosts. If we search for X-Frame-Options in …


Eclipse Community Survey 2010

The results of the Eclipse Community Survey 2010 have recently been released. A summary of the findings is available in the Open Source Developer Report 2010. This survey of the Eclipse community is an interesting insight into software development and …


Clickjacking protection in MantisBT 1.2.1

Mantis Bug Tracker 1.2.1 includes initial support for X-Frame-Options and X-Content-Security-Policy. These two browser security features aim to protect users against clickjacking attacks. If you’re unfamiliar with clickjacking, this presentation by Paul Stone at Black Hat EU 2010 provides an …
