[
https://issues.apache.org/jira/browse/NIFI-7689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17168024#comment-17168024
]
Nathan Gough commented on NIFI-7689:
------------------------------------
No as far as I'm aware the only way this is configured is through code. I don't
believe there's a way to configure Jetty security headers using a configuration
file for NiFi. This is because NiFi runs Jetty in embedded mode, and enables
the security headers when it initializes Jetty. There may be a way for us to
add the feature of configurable headers in future, but as it stands, NiFi
headers/security headers are not configurable for any existing releases.
> QID 11827 Security Headers
> --------------------------
>
> Key: NIFI-7689
> URL: https://issues.apache.org/jira/browse/NIFI-7689
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Reporter: Jon McAlexander
> Priority: Major
> Labels: compliance, headers, web
>
> Looking for appropriate document to configure the HTTP Security Headers to
> satisfy a Qualsys ID 11827 Finding on Apache Nifi. Please advise.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
