[
https://issues.apache.org/jira/browse/AIRFLOW-6353?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17006482#comment-17006482
]
ASF GitHub Bot commented on AIRFLOW-6353:
-----------------------------------------
tooptoop4 commented on pull request #6911: [AIRFLOW-6353] security - ui - add
click jacking defence
URL: https://github.com/apache/airflow/pull/6911
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> security - ui - add click jacking defence
> -----------------------------------------
>
> Key: AIRFLOW-6353
> URL: https://issues.apache.org/jira/browse/AIRFLOW-6353
> Project: Apache Airflow
> Issue Type: Bug
> Components: security, ui
> Affects Versions: 1.10.3
> Reporter: t oo
> Assignee: t oo
> Priority: Major
>
> www/app.py Add Click jacking defence
>
> Fix:
> at the end of
> def create_app(config=None, testing=False):
> @app.after_request
> def apply_caching(response):
> response.headers["X-Frame-Options"] = "DENY"
> return response
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
