[jira] [Updated] (FALCON-2117) Implement X-Frame-Options header for Falcon UI

Sowmya Ramesh (JIRA) Tue, 16 Aug 2016 16:57:35 -0700

     [ 
https://issues.apache.org/jira/browse/FALCON-2117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Sowmya Ramesh updated FALCON-2117:
----------------------------------
    Description: 
implement the X-Frame-Options for Falcon UI: DENY header in response.

For security this should be implemented to prevent potential security issue 
allowing click-jacking.

1. Access Falcon UI via curl or browser. 
2. Check for X-Frame-Options in the Response Header.

  was:
implement the X-Frame-Options for Falcon UI: DENY header in HTTP response.

For security this should be implemented to prevent potential security issue 
allowing click-jacking.

1. Access Falcon UI via curl or browser. 
2. Check for X-Frame-Options in the Response Header.


> Implement X-Frame-Options header for Falcon UI
> ----------------------------------------------
>
>                 Key: FALCON-2117
>                 URL: https://issues.apache.org/jira/browse/FALCON-2117
>             Project: Falcon
>          Issue Type: Bug
>            Reporter: Sowmya Ramesh
>            Assignee: Sowmya Ramesh
>             Fix For: trunk
>
>
> implement the X-Frame-Options for Falcon UI: DENY header in response.
> For security this should be implemented to prevent potential security issue 
> allowing click-jacking.
> 1. Access Falcon UI via curl or browser. 
> 2. Check for X-Frame-Options in the Response Header.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (FALCON-2117) Implement X-Frame-Options header for Falcon UI

Reply via email to