Security: CSP header not set #201
Description
2025-04-28T12:57:53.0293690Z │ ✅ DynamicFuzzingReportCompliant
2025-04-28T12:57:53.0298286Z └───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
2025-04-28T12:57:53.0304870Z The dynamic scan https://dev.azure.com/bentleycs/beconnect/_apis/test/Runs/56272604/Attachments/2 (ZapPassive.json)
2025-04-28T12:57:53.0310449Z contains medium security issue(s) that need to be addressed in over the next 90 days and that are not listed as false
2025-04-28T12:57:53.0316197Z positives in the PSS. Detected issues: Content Security Policy (CSP) Header Not Set
2025-04-28T12:57:53.0321384Z (https://qa-presentationruleseditor.bentley.com) -> 87 days left until release block, Missing Anti-clickjacking Header
2025-04-28T12:57:53.0325790Z (https://qa-presentationruleseditor.bentley.com) -> 87 days left until release block.
2025-04-28T12:57:53.0332271Z The dynamic scan https://dev.azure.com/bentleycs/beconnect/_apis/test/Runs/56272659/Attachments/2 (ZapActive.json)
2025-04-28T12:57:53.0336762Z contains medium security issue(s) that need to be addressed in over the next 90 days and that are not listed as false
2025-04-28T12:57:53.0341208Z positives in the PSS. Detected issues: Content Security Policy (CSP) Header Not Set
2025-04-28T12:57:53.0345743Z (https://qa-presentationruleseditor.bentley.com) -> 87 days left until release block, Missing Anti-clickjacking Header
2025-04-28T12:57:53.0350094Z (https://qa-presentationruleseditor.bentley.com) -> 87 days left until release block.