How to edit HSTS (HTTP Strict Transport Security) settings?

Similar Messages

• Is there a way to disable the HSTS ( HTTP Strict Transport Security ) list built into Firefox or to allow exceptions?

  HSTS is problematic in that it incorrectly assumes that all users trust the default list of CAs and makes the adding of exceptions impossible even by advanced users.
  For example, torproject.org is inaccessible on Firefox unless I am willing to trust DigiCert to never sign a fake certificate either by negligence or by court order of any country in witch they operate, thereby making every https: site ( not just torproject.org ) vulnerable to a MITM attack.
  A user disabling CAs in the browser is not unreasonable given the ever growing list of CAs built into Firefox ( each one a potential point of failure ), the number of CAs that have been recently compromised and the very low standards required to obtain a certificate.
  While I understand the desire to protect the average user who doesn't understand how certificates work and will click past warnings without reading them, this protection should not come at the expense of more security conscious users.
  I would recommend an about:config setting that would allow the creation of exceptions by users who explicitly choose to do so.
  So far the only kludge I have been able to come up with is to modify c:\program files\mozilla firefox\xul.dll with a hex editor and replace the sites on the list ( this is far from an ideal solution ).

  dumdidadida: Thanks for your reply, but it doesn't address the problem. HSTS is designed to FORCE the use of https, this is a good thing in most cases. However, HSTS is problematic in that it incorrectly assumes that all users trust the default list of CAs and makes the adding of exceptions impossible even by advanced users.
  torprojec.org is just an example, this effects every HSTS site. You can reproduce this problem yourself in version 17 or later if you temporary disable "DigiCert High Assurance EV Root CA" in your certificate store and then visit torproject.org. You will notice the ability to add exceptions has been removed and that the cert_override.txt file found in the user's profile is also ignored.

• HTTP Strict Transport Security (HSTS) support in Weblogic?

  Hi Gurus,
  1) Does Weblogic 10.3.3+ support HTTP Strict Transport Security (HSTS)?
  2) Has anyone experienced with implementation of the HTTP Strict Transport Security (HSTS) header in Weblogic 10.3.3?
  Thanks in advance.
  James

  Hi Friends, Thanks for reply, none of them solves my issue. Also I have one simple question, Gmail works fine in IE and Chrome but not in Firefox, this purely means my security application (antivirus etc) are not playing any role in the error displayed.
  This looks like some issue in Firefox only....

• HTTP Strict Transport Security support in Weblogic 10.3.3+

  Hi Gurus,
  1) Does Weblogic 10.3.3+ support HTTP Strict Transport Security (HSTS)?
  2) Has anyone experienced with implementation of the HTTP Strict Transport Security (HSTS) header in Weblogic 10.3.3?
  Thanks in advance.
  James

  Hi John,
  Here are your answers :)
  1) WebLogic 10.3 supports SCA. The Tech Preview, as its name tells, was a preview of the final release which is now out. The full package installer will provide the latest version of WebLogic 10.3.
  2) Since the Tech Preview is incomplete compared to the version you can find on OTN, no need to download it.
  However, I experienced some problems using SCA on a sample domain.
  I had to unzip another complementary JAR to make it work. This JAR was supplied with the TP. I may send you a copy through email if you wish since the JAR is nowhere to be found.
  But please note that BEA has chosen to use a Fabric3 implementation. Oracle has its own. Thus I don't think this SCA implementation will last long in WebLogic ... (http://fabric3.codehaus.org/)
  I bet that in a very next future, with the 11G version, SCA will full work and won't have anything to do with Fabric3.
  Hope this helps.
  Regards.
  Edited by: Maxence Button on Nov 9, 2008 2:52 PM

• How to "Ink Markup" a PDF when Security Settings won't Allow it?

  I am an onsite computer tech support person and have been asked to solve a problem that is outside my expertise, and would appreciate any help I can find here.
  The Doctor's office recieves electronic faxes from pharmacies that require the doctor's signature before being electronically faxed back, approving the medication or whatever.  Sometimes the faxes come in as .jpg files, and the doctor can use Windows Paint to "sign" a scribble in the image and send it back to the pharmacy.  But sometimes the electronic faxes come in as PDF files, and we hare having a lot of trouble figuring out how to quickly open Adobe Reader (either X or 9.2.0), make a scribble, save the image and shoot it back to the pharmacy, quickly.
  I've been doing some research and while the tool "Documents>Sign>Apply Ink Signature" exists, it is non-functional.  In each case, the PDF files "Securities" settings does not allow for "Signing", so my theory is that there is some property in the document that prevents Adobe Reader from allowing a scribble to be made on the file.  I have been able to get Foxit Reader to do this, and this could be a workaround solution, but all the staff are familiar with Adobe Reader, no one has ever used Foxit before, I'm reluctant to add yet another software into their work environment, particularly if Adobe Reader has the ability to do what we want.
  Am I correct, that the properties are the problem?  Can these be changed in order to allow the scribble?  Is this a global (computer) setting, or are they going to have to do this on a document-by-document basis.
  Thanks in advance for any help.
  J. Quick

  George,
  Again I thank you for your detailed and informative response.  I think the office in general would prefer to stay with what they know (Adobe), but the idea of having only one workstation capable of manually configuring the documents would make the whole process too cumbersome.  Do you happen to know if there is a "corporate" license, where the office could purchase the ability to use say, 5 installations of Adobe Acrobat?  And if so, what that might cost?
  It's true that FoxIt allows you to do this with unsecured documents, and that it's free. But it too would be unable to work with documents that have security restrictions that prevent commenting.
  This is the thing.  The documents I was unable to "sign" using Adobe Reader had some kind of "security restrictions" as the Properties said specifically that "signing" was "not allowed", yet Foxit had no issue with this, so I am wondering if the impediments to editting these documents are something that is some kind of default behavior by Adobe Reader, as they were not created by Adobe, yet when they arrive in PDF form, Adobe assumes they cannot be "signed".  I think it's a "you can't, unless the document says you can" type of situation, but only for Adobe.  I don't think Foxit is playing by Adobe's rules.
  While the office may have different types of PDF's coming in & out for various reasons, there is only one class of PDFs that need a manual "signature".  The "old way" of doing it was to print the PDF to paper, sign the paper, then scan the paper back to electronic format and then send it off via (internet-based) FAX.  Very cumbersome.
  These documents are electronically generated; there is no "author" per se.  No one is delibarately setting any kind of Security Setting to allow or prohibit "signing".  It just now occured to me that finding out how these documents come to us in this condition is worth pursuing, because it may be a simple matter of changing the way these faxes are recieved to have them come in as editable JPG files, rather than Security-encumbered PDF's.  I just spend some time troubleshooting a driver issue for a Scanner, and found out you can choose it's output to be BMP, JPG, etc... so I am wondering if there is the ability to alter how an incoming FAX is outputted.
  Again I think you for your time and expertise,
  J. Quick

• How to edit 'uses-sdk' element in manifest settings

  Hi,
  I created an Android App that works perfectly on my HTC Inspire.  It's just three buttons that link to web pages, a browser loads, very basic. I got it to install on 3 android devices, but it doesn't install on a Galaxy Tab and another unknown android device.  Those devices get a Parse Error.
  So I searched around and I found this possible solution from a few days ago:
  http://www.droidforums.net/forum/rescue-squad-help/148308-error-while-installing-android-a pplication-problem-parsing-package.html
  After hours of search, i found a little answer, actually it has every thing to do with the manifest, i changed the minSdkVersion="8" to minSdkVersion="7", and it worek on the first samsung mobile that i found, i have to check with other mobiles, but i think that is the solution!
  I decided that I better figure out how to edit the Manifest, only to find that:
  I found this bit of unsettling information in the Community Help files:
  uses-sdk elementI see there is a checkbox to 'Manually manage premissions and manifest additions in the application descriptor file.' But i'm not sure if I can just add the line
  You cannot include a uses-sdk element.
  <uses-sdk android:minSdkVersion="7" />
  Any work arounds?
  Thanks in advance!
  Tek

  Hi Pooja
  You can find the text in <b>ResourceEditControl**.properties</b> file, which is available under   <i>com.sap.km.cm.ui\lib\km.appl.ui.edit_api\com\sapportals\wcm\control\edit</i>..
  The text is represented by the key <b>txtUploadControl</b>..
  Regards,
  Sandip

• How can i locate my wireless connection security settings

  I need to see the type of security that my iPhone4 get when connected to my home router. Thanks

  Log in to your router - you should be able to determine what security settings are enabled.
  The phone doesn't tell you this infomation.

• How to edit video & exprt in same original settings & lose no quality

  I have always wondered how to do this.
  How can i say, for example, caoture video in DV PAL, bring it into FCP, cut it up, and export it back to DV PAL in the same exact quality that it began. Is it as simple as choosing the same settings for sequence and render settings?
  Also, if i did a screen capture and used the codec Sorenso Video 3, but then wanted to edit it in fcp, how would i edit it and export it so that no qaulity is lost?
  I just want to know if exporting it in the same original settings effects the video, because i know that if you get a 192 bitrate mp3 track and export it using 192 bitrate setting, it recompresses the mp3 again. Is this the same for video.
  If so, how do i got about changing contents in a video, but then export it at the same settings as the previous without losing quality
  Thank guys

  Doan
  You already told me that dv is fine, does this go with all the other formats.
  Sure!
  Also just something quickly of topic a bit. If i export say a .mov on the mac, and say in particular sorenso video 3, are these compatiable on a windows. Because i remeber one time when i capture my dv pal footage on fcp, i couldn't open it on a pc at all.
  I found the following info in Sorenson Site. Look at the Playback requirements in the end of that page.
  HERE IS THE LINK
  http://www.sorensonmedia.com/pages/?pageID=73
  Hope that helps !
    Alberto
  Message was edited by: Silal

• How do I re-size the Password Security -Settings dialog box when Encrypting with a Password?

  My dialog box is extremely large and the OK and Cancel buttons extend off the bottom of my monitor.

  Yes, I have the same problem! It is driving me crazy as I don't have a clue what code they want me to put in and now everytime I try a new one my phone is disabled and I have to wait half an hour until I can try another one! It's ridiculous!!!
  I am praying that someone finds a solution soon!!!

• How to edit a Forms Central form in PDF

  Using Adobe Acrobat XI which i normally use to create forms, I am able to open the Forms Central PDF that I created. However it says it is secured and I can't edit it.  Is there a way to create a PDF from Forms Central that isn't secured?  Any other solution?

  This FAQ explains how to edit it:
  http://forums.adobe.com/docs/DOC-3661

• Security settings: prevent "save as..." !?

  Hello there, I am using Acrobat 9 standard and would like to know how I can manage to set up security settings of a document in such a way that the "save as..." menue-entry will be disabled.
  I can manage to prevent printing and saving the same document again - no problem. But I need to make sure that the reader of a document does not save it under a different name.
  How can this be done?
  Thanks for any advice.
  Wolfgang Armbruster

  We _are_ using Acrobat Reader to display these files within an Intranet. If you open such a file as an embedded PDF in Firefox you will see a buttonbar at the top with icons to print and to save and so on.
  I do not have problems to make the print icon greyed out and unusable. But I need to do the same thing with the "save as" icon.
  And are you really saying this can not be done? Acrobat support told me before buying the software "this can be done"... though they will not tell me how... I need to clarify this in some forums...
  So I'm still hoping to get better advice...!?

• How do you change security settings to edit a file?

  I have a form that I created that I would like to make some changes to. When I try to edit the file it tells me that the security setting will not allow me to edit the file. Can anyone help me with this?

  This FAQ describes how to edit a FormsCentral PDF in Acrobat - remember to be careful of the changes you make so you do not break the form submission if it is submitting data to FormsCentral: http://forums.adobe.com/docs/DOC-3661
  Thanks,
  Josh

• HT201303 How can edit the 3 security question its only two question had shown up?

  how to edit 3 security question for my itunes id?

  Mary Jane,
  See if these suggestions help:
  http://support.apple.com/kb/TS1440?viewlocale=en_US
  Regards,
  Captfred

• Consuming an External Web Service using HTTPS and WS Security

  Hello everyone,
  I'm having a problem setting the security information in a SOAP header using a generated ABAP Client Proxy to consume an external web service that requires a User ID and Password in the Header section of the SOAP message.  I need to use HTTPS. I'm on a WAS 7.01 SP08 system so from my readings, SAP is supposed to be able to add the username and password into the header section of the message.  I can't seem to get SAP to add this information added to the header.
  Here are the steps that I have taken to set the security values.
  1) Created the client proxy from the WSDL in SE80.  Basic Authentication on the Configuration tab was turned on automatically.
         Note, Transport Security is set to None.  I cannot change it.
  2) Created an outbound set user name profile in transaction WSPROFILE with the appropriate username and password.
  3) Added the profile to the default port in transaction LPCONFIG as an outbound under the WS Security section of the screen.
  When I called the external Web Service, I got back the following error message:
  com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5509E: A security token whose type is [http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken] is required.
  So, after reading through this Forum, I saw that I needed to use the SOAMANAGER.  I set up a Proxy in the SOAMANAGER and manually created the Logical Port.  This was the only way I could figure out how to set the Authentication Settings in the Logical Port to "User ID / Password".  I then entered the User ID and Password.
  However, I am still getting the same error message.  I feel I am close but missing some small configuration to tell SAP to use WS Security with a Username token.
  I'm not sure what I'm doing wrong, so any help would be appreciated.
  Thanks,
  Stephen

  I had this error again so I thought I would post my solution:
  The issue is SAP needs to know the certificates being used by the web site being called.  These certificates are automatically installed in your browser but need to be manually installed in SAP.  This is what I did:
  How to find/install new certificates
  Make sure you run Internet Explorer as an Administrator so you can export the certificates
  Go to the web site that SAP is trying to call in Internet Explorer
  Double click on the lock in the address bar
  View certificates
  Find the certificates that are being used
  Tools --> Internet Options --> Content --> Certificates
  Click on the “Trusted Root Certification Authorities” tab
  Find the certificate identified in step iii
  Export as a CER certificate
  Click on the “Intermediate Certification Authorities” tab
  Find the certificate identified in step iii
  Export as a CER certificate
  Go to STRUST in SAP
  Import the Certificates in the “Anonymous” or “Standard” SSL client
  Save
  RESTART the ICM via t-code SMICM  <-- Critical!!!
  Test

• Need Help on How to Change The Encryption Key and or Change security settings

  Hello, i just installed the wireless router and i would like to know how i can change the encryption key or change the security settings (i want it so you do not have to answer it with a password). Thank you in advance.
  Message Edited by DARK_MARIO on 01-06-200706:10 PM

  Hi…
  In order to change the wireless settings of your router you need to login into the router configuration page. Open your internet explorer browser…in the address bar type http://192.168.1.1 ( Default IP address). Leave the username field balnk……type admin as password (If you have not changed the router password). When the setup page loads fully…..click on the tab that says wireless. Just below the main tab wireless ….click on the sub tab that says wireless security. You can Change the wireless security settings here. After the changes are made click on save settings.