falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sowmya Ramesh (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (FALCON-2117) Implement X-Frame-Options header for Falcon UI
Date Tue, 16 Aug 2016 23:57:20 GMT

     [ https://issues.apache.org/jira/browse/FALCON-2117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Sowmya Ramesh updated FALCON-2117:
----------------------------------
    Description: 
implement the X-Frame-Options for Falcon UI: DENY header in response.

For security this should be implemented to prevent potential security issue allowing click-jacking.

1. Access Falcon UI via curl or browser. 
2. Check for X-Frame-Options in the Response Header.

  was:
implement the X-Frame-Options for Falcon UI: DENY header in HTTP response.

For security this should be implemented to prevent potential security issue allowing click-jacking.

1. Access Falcon UI via curl or browser. 
2. Check for X-Frame-Options in the Response Header.


> Implement X-Frame-Options header for Falcon UI
> ----------------------------------------------
>
>                 Key: FALCON-2117
>                 URL: https://issues.apache.org/jira/browse/FALCON-2117
>             Project: Falcon
>          Issue Type: Bug
>            Reporter: Sowmya Ramesh
>            Assignee: Sowmya Ramesh
>             Fix For: trunk
>
>
> implement the X-Frame-Options for Falcon UI: DENY header in response.
> For security this should be implemented to prevent potential security issue allowing
click-jacking.
> 1. Access Falcon UI via curl or browser. 
> 2. Check for X-Frame-Options in the Response Header.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message