SCIM bridge Missing Web Security Headers
One of our external security testing tools has highlighted two issues with web security best practices missing from the SCIM bridge app.
-Missing HSTS Headers
-Missing Permissions Policy
These can be seen by putting the scim bridge url into: https://securityheaders.com/
Are there any plans to implement these headers into the SCIM bridge app?
SCIM bridge version version: 2.9.1
See image below for the results from ours.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
