Dashboard shows inappropriate warnings about automatic HTTP security diagnostic
Steps to reproduce:
- Install dmaster with recent version (e.g. 5.13.alpha1). (Or, if you already have one, then make sure to log out of it.)
- Clear caches (e.g.
- Observe the dashboard:
I did a
git bisect and traced this to 4094935a, which changes the technique for detecting HTTP security issues (i.e.
get_headers() replaced with similar Guzzle calls). Apparently, Guzzle is more noisy, which sounds generally good... except in this case, HTTP errors are expected and desired - and should not be reported.