Tamás Hanicz created KNOX-3111:
----------------------------------
Summary: HSTS headers are missing for 404 responses
Key: KNOX-3111
URL: https://issues.apache.org/jira/browse/KNOX-3111
Project: Apache Knox
Issue Type: Improvement
Components: Server
Affects Versions: 2.2.0
Reporter: Tamás Hanicz
Assignee: Tamás Hanicz
Strict-Transport-Security header is missing for 404 responses. The
"strict.transport.enabled" configuration is set in the WebAppSec provider
topology wide. To include the header on 404 as well jetty has to be configured
with a custom handler. However this is a global configuration which would mean
every response will include this header.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
