[ https://issues.apache.org/jira/browse/NIFI-5968?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nathan Gough updated NIFI-5968: ------------------------------- Description: Some HTTP security headers could be added to improve NiFi security stance. These include: Strict-Transport-Security (HSTS), X-XSS-Protection, and Content-Security-Policy. Relates/duplicates to NIFI-2437 was: Some HTTP security headers could be added to improve NiFi security stance. These include: Strict-Transport-Security (HSTS), X-XSS-Protection, and Content-Security-Policy. > Add standard HTTP security headers > ---------------------------------- > > Key: NIFI-5968 > URL: https://issues.apache.org/jira/browse/NIFI-5968 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework > Affects Versions: 1.8.0 > Reporter: Nathan Gough > Assignee: Nathan Gough > Priority: Major > Labels: headers, http, security > Fix For: 1.9.0 > > Time Spent: 4h 40m > Remaining Estimate: 0h > > Some HTTP security headers could be added to improve NiFi security stance. > These include: Strict-Transport-Security (HSTS), X-XSS-Protection, and > Content-Security-Policy. > > Relates/duplicates to NIFI-2437 -- This message was sent by Atlassian JIRA (v7.6.3#76005)