0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00

fix: replace INFO with IGNORE in zap rules (#4285)

* fix: replace INFO with IGNORE

replace INFO with IGNORE

* fix: update the rules

update the rules
This commit is contained in:
simeng-li 2023-08-10 17:19:40 +08:00 committed by GitHub
parent 583e2fcded
commit af2d1ebb98
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,9 +1,14 @@
# Mark the following rules as INFO # Mark the following rules as IGNORE
# CloudFlare will block the metadata endpoint access # CloudFlare will block the metadata endpoint access
90034 INFO (Cloud Metadata Potentially Exposed - Active/release) 90034 IGNORE (Cloud Metadata Potentially Exposed - Active/release)
10096 INFO (Timestamp Disclosure - Passive/release) # Not applicable to the cloud appliaction
10063-1 INFO (Permissions Policy Header Not Set - Passive/beta) 10096 IGNORE (Timestamp Disclosure - Passive/release)
10055-4 INFO (CSP - Wildcard Directive) 40039 IGNORE (Web Cache Deception)
40039 INFO (Web Cache Deception)
# TODO
10063 IGNORE (Permissions Policy Header Not Set - Passive/beta)
# The applicationInsights endpoint will be removed
10055 IGNORE (CSP - Wildcard Directive)