hanicz opened a new pull request, #1007:
URL: https://github.com/apache/knox/pull/1007
## What changes were proposed in this pull request?
This PR introduces the ability to enable `Strict-Transport-Security` header
globally for all responses (even 404). Currently there is a topology wide
configuration in the WebAppSec provider. The users now can enable it for only
specific topologies or globally as well. If both is enabled and there is a
request for that specific topology the WebAppSec configuration will take
precedence.
To enable the global configuration the below is required in the
gateway-site.xml configuration file. The `option` config is optional, the
default value is `max-age=31536000` (Its the same for the WebAppSec provider as
well).
```
<property>
<name>gateway.strict.transport.enabled</name>
<value>true</value>
</property>
<property>
<name>gateway.strict.transport.option</name>
<value>max-age=31</value>
</property>
```
## How was this patch tested?
Unit tests.
Manual tests locally.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@knox.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
