[ https://issues.apache.org/jira/browse/KNOX-1323?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Phil Zampino resolved KNOX-1323. -------------------------------- Resolution: Fixed > Reconcile WebAppSecurity provider X-Frame-Options and X-Content-Type-Options > param names > ---------------------------------------------------------------------------------------- > > Key: KNOX-1323 > URL: https://issues.apache.org/jira/browse/KNOX-1323 > Project: Apache Knox > Issue Type: Bug > Components: AdminUI, Server, Site > Affects Versions: 1.1.0 > Reporter: Phil Zampino > Assignee: Phil Zampino > Priority: Major > Fix For: 1.1.0 > > > The X-Frame-Options params for the WebAppSec provider do not match what is > documented. > Since the implementation is being used (e.g., manager.xml, knoxsso.xml), the > appropriate resolution is to correct the docs. > Additionally, since the Admin UI support for this was based on the docs, it > also needs to be updated to produce the correct params. > Further, the X-Content-Type-Options param names should be similar in form to > the X-Frame-Options param names. > The correct param names are: > * xframe.options > * xframe.options.enabled > * xcontent-type.options > * xcontent-type.options.enabled > The User Guide must be updated to reflect the correct X-Frame-Options param > names; it currently describes xframe-options.enabled and xframe-options.value > -- This message was sent by Atlassian JIRA (v7.6.3#76005)