Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Join the FabCon + SQLCon recap series. Up next: Power BI, Real-Time Intelligence, IQ and AI, and Data Factory take center stage. All sessions are available on-demand after the live show. Register now

Reply
M_Hassanien
New Member

Power Bi Report Server Security issues

‎06-20-2023 06:37 AM

We have 3 main security issues that need support to fix as follows:

 - Missing security headers :
  Best practice measures recommend the implementation of the following headers to aid in strengthening user protection within modern browsers:
1. X-Frame-Options
2. X-Xss-Protection
3. Strict-Transport-Security
4. X-Content-Length
5. Content-Security-Policy

 

-Server Fingerprinting:

The application responses expose information about the server. This will help the threat actor to find known vulnerabilities.

Recommendation: Any information that could indicate the back-end technologies should be removed or modified. Please disable "Server" in response headers.

 

-Missing HTTP Only and Secure Flags

The application uses several cookies missing one or more cookie security flags such as HTTP only and secure. Cookie flags must be set appropriately to avoid compromise of user session cookies.

Recommendation: Ensure that cookies have only HTTP and secure, flags set.

 

kindly we need step by step guide to fix the above issues 

Labels:
Message 1 of 1
596 Views
0 REPLIES 0

Helpful resources

Announcements
April Power BI Update Carousel

Power BI Monthly Update - April 2026

Check out the April 2026 Power BI update to learn about new features.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

FabCon and SQLCon Highlights Carousel

FabCon &SQLCon Highlights

Experience the highlights from FabCon & SQLCon, available live and on-demand starting April 14th.

View All