web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Pages / Implement HTTP Strict ...
Power Pages
Unanswered

Implement HTTP Strict transport security header Portal

(0) ShareShare
ReportReport
Posted on by Pruss10 57

Hi Guys,

 

In one of the security scan reports, there are two vulnerability findings from the portal - 

1. HTTP Strict Transport Security (HSTS) header is not configured (Remediation mentioned - It is recommended to implement HTTP Strict-Transport-Security response header which will let the web site tell browsers that it should only be accessed using HTTPS, instead of using HTTP.)

2. Cache-Control Header not properly configured (Remediation mentioned - Set the Cache-control response header to "no-cache, no-store, expires 0" on all responses.)

 

Can you kindly let me know how to enable these settings in Power Portal. Attaching screenshots from browser Network tool for better reference.

@OOlashyn @ragavanrajan @OliverRodrigues 

HTTP Strict Transport.JPG
CacheControl.JPG
Categories:
Power Apps portals
I have the same question (0)
  • OOlashyn Profile Picture
    OOlashyn 3,496 Most Valuable Professional on at

    Hi @Pruss10,

    Can you open a ticket with MS and share your findings from security scan report? I hope that will help MS to mitigate those issues from their end. Meanwhile, as a workaround you can use Head/Bottom content snippet that is added at the end of the head tag of all pages. You can set Cache-Control via meta tag (you should be able to do this with HSTS as well but I never tried it):

    <meta http-equiv="Cache-control" content="no-cache">

     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the January Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Pages

#1
Suriyanarayanan V Profile Picture

Suriyanarayanan V 45

#2
oliver.rodrigues Profile Picture

oliver.rodrigues 14 Most Valuable Professional

#3
DP_Prabh Profile Picture

DP_Prabh 13

Last 30 days Overall leaderboard

Featured topics

Solution to LinkedIn Authentication in Power Apps Portals
Welcome to the Power Pages forum!

Product updates

Microsoft Power Platform Community release plans