This is an automated email from the ASF dual-hosted git repository. wuzhiguo pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push: new f94e502c06 AMBARI-25159: http.strict-transport-security change does not take affect (#3422) f94e502c06 is described below commit f94e502c06c1e40baefbb084567f41673b2525fd Author: Zhiguo Wu <wuzhi...@apache.org> AuthorDate: Wed Oct 26 00:06:06 2022 +0800 AMBARI-25159: http.strict-transport-security change does not take affect (#3422) --- .../apache/ambari/server/configuration/spring/ApiSecurityConfig.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java index c551e5e219..06a0ee1bd5 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java @@ -89,7 +89,8 @@ public class ApiSecurityConfig extends WebSecurityConfigurerAdapter{ http.csrf().disable() .authorizeRequests().anyRequest().authenticated() .and() - .headers().frameOptions().disable().and() + .headers().httpStrictTransportSecurity().disable() + .frameOptions().disable().and() .exceptionHandling().authenticationEntryPoint(ambariEntryPoint) .and() .addFilterBefore(guiceBeansConfig.ambariUserAuthorizationFilter(), BasicAuthenticationFilter.class) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@ambari.apache.org For additional commands, e-mail: commits-h...@ambari.apache.org