airflow-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (Jira)" <j...@apache.org>
Subject [jira] [Commented] (AIRFLOW-6353) security - ui - add click jacking defence
Date Fri, 03 Jan 2020 15:27:00 GMT

    [ https://issues.apache.org/jira/browse/AIRFLOW-6353?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17007569#comment-17007569
] 

ASF GitHub Bot commented on AIRFLOW-6353:
-----------------------------------------

potiuk commented on pull request #6995: [AIRFLOW-6353] security - ui - add click jacking defence
URL: https://github.com/apache/airflow/pull/6995
 
 
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> security - ui - add click jacking defence
> -----------------------------------------
>
>                 Key: AIRFLOW-6353
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-6353
>             Project: Apache Airflow
>          Issue Type: Bug
>          Components: security, ui
>    Affects Versions: 1.10.3
>            Reporter: t oo
>            Assignee: t oo
>            Priority: Major
>
> www/app.py Add Click jacking defence
>  
> Fix:
> at the end of     
> def create_app(config=None, testing=False):
> @app.after_request
> def apply_caching(response):
> response.headers["X-Frame-Options"] = "DENY"
> return response



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message