Feature: #91354 - Integrate server response security checks¶
See forge#91354
Description¶
In order to evaluate potential server misconfigurations and to reduce the potential of security implications in general, a new HTTP response check is integrated to "Environment Status" and the "Security" section in the reports module.
Impact¶
It is evaluated whether non-standard file extensions lead to unexpected
handling on the server-side, such as test.php.wrong
being evaluated
as PHP or test.html.wrong
being served with text/html
content type.
Details are explained in TYPO3 Security Guidelines for Administrators.