[jira] [Commented] (AIRFLOW-6353) security - ui - add click jacking defence

ASF subversion and git services (Jira) Fri, 03 Jan 2020 07:27:53 -0800


    [ 
https://issues.apache.org/jira/browse/AIRFLOW-6353?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17007570#comment-17007570
 ]


ASF subversion and git services commented on AIRFLOW-6353:
----------------------------------------------------------

Commit e36ecb4c99f9e983d9b9554f03324b5dc108b9c6 in airflow's branch 
refs/heads/master from tooptoop4
[ https://gitbox.apache.org/repos/asf?p=airflow.git;h=e36ecb4 ]

[AIRFLOW-6353] security - ui - add click jacking defence (#6995)



> security - ui - add click jacking defence
> -----------------------------------------
>
>                 Key: AIRFLOW-6353
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-6353
>             Project: Apache Airflow
>          Issue Type: Bug
>          Components: security, ui
>    Affects Versions: 1.10.3
>            Reporter: t oo
>            Assignee: t oo
>            Priority: Major
>             Fix For: 2.0.0
>
>
> www/app.py Add Click jacking defence
>  
> Fix:
> at the end of     
> def create_app(config=None, testing=False):
> @app.after_request
> def apply_caching(response):
> response.headers["X-Frame-Options"] = "DENY"
> return response



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (AIRFLOW-6353) security - ui - add click jacking defence

Reply via email to