----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73644/#review223868 -----------------------------------------------------------
Ship it! Ship It! - Pradeep Agrawal On Dec. 7, 2021, 1:31 p.m., Nitin Galave wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73644/ > ----------------------------------------------------------- > > (Updated Dec. 7, 2021, 1:31 p.m.) > > > Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Jayendra Parab, > Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep Agrawal, and > Velmurugan Periasamy. > > > Bugs: RANGER-3443 > https://issues.apache.org/jira/browse/RANGER-3443 > > > Repository: ranger > > > Description > ------- > > Ranger does not return "X-Permitted-Cross-Domain-Policies" response header. > OWASP best practices suggest explicitly setting this header to "none". > > > Diffs > ----- > > > security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java > c50857940 > > > Diff: https://reviews.apache.org/r/73644/diff/1/ > > > Testing > ------- > > Tested that Added "X-Permitted-Cross-Domain-Policies" responce header. > > > Thanks, > > Nitin Galave > >