[
https://issues.apache.org/jira/browse/NIFI-5968?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nathan Gough updated NIFI-5968:
-------------------------------
Description:
Some HTTP security headers could be added to improve NiFi security stance.
These include: Strict-Transport-Security (HSTS), X-XSS-Protection, and
Content-Security-Policy.
Relates/duplicates to NIFI-2437
was:
Some HTTP security headers could be added to improve NiFi security stance.
These include: Strict-Transport-Security (HSTS), X-XSS-Protection, and
Content-Security-Policy.
> Add standard HTTP security headers
> ----------------------------------
>
> Key: NIFI-5968
> URL: https://issues.apache.org/jira/browse/NIFI-5968
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Affects Versions: 1.8.0
> Reporter: Nathan Gough
> Assignee: Nathan Gough
> Priority: Major
> Labels: headers, http, security
> Fix For: 1.9.0
>
> Time Spent: 4h 40m
> Remaining Estimate: 0h
>
> Some HTTP security headers could be added to improve NiFi security stance.
> These include: Strict-Transport-Security (HSTS), X-XSS-Protection, and
> Content-Security-Policy.
>
> Relates/duplicates to NIFI-2437
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
