[
https://issues.apache.org/jira/browse/KNOX-3111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17946616#comment-17946616
]
ASF subversion and git services commented on KNOX-3111:
-------------------------------------------------------
Commit d699feb7eb980a7c60c5abf5d87a08eba6d4b991 in knox's branch
refs/heads/dependabot/maven/commons-io-commons-io-2.14.0 from hanicz
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=d699feb7e ]
KNOX-3111: Gobal config for HSTS headers (#1007)
> HSTS headers are missing for 404 responses
> ------------------------------------------
>
> Key: KNOX-3111
> URL: https://issues.apache.org/jira/browse/KNOX-3111
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Affects Versions: 2.2.0
> Reporter: Tamás Hanicz
> Assignee: Tamás Hanicz
> Priority: Major
> Fix For: 2.2.0
>
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> Strict-Transport-Security header is missing for 404 responses. The
> "strict.transport.enabled" configuration is set in the WebAppSec provider
> topology wide. To include the header on 404 as well jetty has to be
> configured with a custom handler. However this is a global configuration
> which would mean every response will include this header.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
