Serious security issues with Ex Libris Alma and Primo VE headers (or lack thereof)
Got our Evergreen instance up to a B+ with about a half an hour of work. Should be pretty generalizable, too.
But the reliance on the ancient Dojo framework is going to kill any chance of applying a Content Security Policy without 'unsafe-inline' and 'unsafe-eval'.
@dbs your earlier post got me curious and I did the same to the personal instance I manage tonight. 🙂 But yeah, the gap from B+ to A is gonna be a looong one.
code4lib.social is a GLAM-themed Mastodon Instance.