Author: krisden
Date: Tue Nov 26 20:11:45 2019
New Revision: 1870473
URL: http://svn.apache.org/viewvc?rev=1870473&view=rev
Log:
KNOX-2138 - Add documentation for X-XSS-Protection option in WebAppSec Provider
(Vipin Rathor via Kevin Risden)
Modified:
knox/site/books/knox-1-0-0/deployment-overview.png
knox/site/books/knox-1-0-0/deployment-provider.png
knox/site/books/knox-1-0-0/deployment-service.png
knox/site/books/knox-1-0-0/general_saml_flow.png
knox/site/books/knox-1-0-0/runtime-overview.png
knox/site/books/knox-1-0-0/runtime-request-processing.png
knox/site/books/knox-1-1-0/deployment-overview.png
knox/site/books/knox-1-1-0/deployment-provider.png
knox/site/books/knox-1-1-0/deployment-service.png
knox/site/books/knox-1-1-0/general_saml_flow.png
knox/site/books/knox-1-1-0/runtime-overview.png
knox/site/books/knox-1-1-0/runtime-request-processing.png
knox/site/books/knox-1-1-0/user-guide.html
knox/site/books/knox-1-2-0/deployment-overview.png
knox/site/books/knox-1-2-0/deployment-provider.png
knox/site/books/knox-1-2-0/deployment-service.png
knox/site/books/knox-1-2-0/general_saml_flow.png
knox/site/books/knox-1-2-0/runtime-overview.png
knox/site/books/knox-1-2-0/runtime-request-processing.png
knox/site/books/knox-1-2-0/user-guide.html
knox/site/books/knox-1-3-0/deployment-overview.png
knox/site/books/knox-1-3-0/deployment-provider.png
knox/site/books/knox-1-3-0/deployment-service.png
knox/site/books/knox-1-3-0/general_saml_flow.png
knox/site/books/knox-1-3-0/runtime-overview.png
knox/site/books/knox-1-3-0/runtime-request-processing.png
knox/site/books/knox-1-3-0/user-guide.html
knox/site/books/knox-1-4-0/deployment-overview.png
knox/site/books/knox-1-4-0/deployment-provider.png
knox/site/books/knox-1-4-0/deployment-service.png
knox/site/books/knox-1-4-0/general_saml_flow.png
knox/site/books/knox-1-4-0/runtime-overview.png
knox/site/books/knox-1-4-0/runtime-request-processing.png
knox/site/books/knox-1-4-0/user-guide.html
knox/site/index.html
knox/site/issue-management.html
knox/site/licenses.html
knox/site/mailing-lists.html
knox/site/project-info.html
knox/site/team.html
knox/trunk/books/1.1.0/book.md
knox/trunk/books/1.1.0/config_webappsec_provider.md
knox/trunk/books/1.2.0/book.md
knox/trunk/books/1.2.0/config_webappsec_provider.md
knox/trunk/books/1.3.0/book.md
knox/trunk/books/1.3.0/config_webappsec_provider.md
knox/trunk/books/1.4.0/book.md
knox/trunk/books/1.4.0/config_webappsec_provider.md
Modified: knox/site/books/knox-1-0-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-overview.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-provider.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-service.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/general_saml_flow.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/runtime-overview.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/runtime-request-processing.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-overview.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-provider.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-service.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/general_saml_flow.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/runtime-overview.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/runtime-request-processing.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/user-guide.html
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/user-guide.html?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/site/books/knox-1-1-0/user-guide.html (original)
+++ knox/site/books/knox-1-1-0/user-guide.html Tue Nov 26 20:11:45 2019
@@ -96,6 +96,7 @@
<li><a href="#CSRF">CSRF</a></li>
<li><a href="#CORS">CORS</a></li>
<li><a href="#X-Frame-Options">X-Frame-Options</a></li>
+ <li><a href="#X-XSS-Protection">X-XSS-Protection</a></li>
<li><a href="#X-Content-Type-Options">X-Content-Type-Options</a></li>
<li><a href="#HTTP+Strict-Transport-Security+-+HSTS">HTTP
Strict-Transport-Security - HSTS</a></li>
</ul>
@@ -4064,6 +4065,7 @@ APACHE_HOME/bin/apachectl -k stop
<param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
<param><name>cors.enabled</name><value>true</value></param>
<param><name>xframe.options.enabled</name><value>true</value></param>
+
<param><name>xss.protection.enabled</name><value>true</value></param>
<param><name>strict.transport.enabled</name><value>true</value></param>
</provider>
</code></pre>
@@ -4190,6 +4192,25 @@ APACHE_HOME/bin/apachectl -k stop
</tr>
</tbody>
</table>
+<h5><a id="X-XSS-Protection">X-XSS-Protection</a> <a
href="#X-XSS-Protection"><img src="markbook-section-link.png"/></a></h5>
+<p>Cross-site Scripting (XSS) type attacks can be prevented by adding the
X-XSS-Protection header to HTTP response. The <code>1; mode=block</code> value
will force browser to stop rendering the page if XSS attack is detected. </p>
+<h6><a id="Config">Config</a> <a href="#Config"><img
src="markbook-section-link.png"/></a></h6>
+<table>
+ <thead>
+ <tr>
+ <th>Name </th>
+ <th>Description </th>
+ <th>Default</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td>xss.protection.enabled </td>
+ <td>This parameter specifies a particular value for the X-XSS-Protection
header. When it is set to true, it will add <code>X-Xss-Protection: '1;
mode=block'</code> header to HTTP response</td>
+ <td>false</td>
+ </tr>
+ </tbody>
+</table>
<h5><a id="X-Content-Type-Options">X-Content-Type-Options</a> <a
href="#X-Content-Type-Options"><img src="markbook-section-link.png"/></a></h5>
<p>Browser MIME content type sniffing can be exploited for malicious purposes.
Adding the X-Content-Type-Options HTTP header to responses directs the browser
to honor the type specified in the Content-Type header, rather than trying to
determine the type from the content itself. Most modern browsers support
this.</p>
<h6><a id="Config">Config</a> <a href="#Config"><img
src="markbook-section-link.png"/></a></h6>
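Review bot: The Description cell for xss.protection.enabled says the parameter "specifies a particular value for the X-XSS-Protection header", but the row documents an on/off switch (Default false) and the only value shown is 1; mode=block. That wording reads as carried over from a *.value option and will lead readers to try setting a header value here. Suggest "This parameter enables the X-XSS-Protection header. When set to true, the header is added to the HTTP response with the value 1; mode=block."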
Modified: knox/site/books/knox-1-2-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/deployment-overview.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/deployment-provider.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/deployment-service.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/general_saml_flow.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/runtime-overview.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/runtime-request-processing.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/user-guide.html
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/user-guide.html?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/site/books/knox-1-2-0/user-guide.html (original)
+++ knox/site/books/knox-1-2-0/user-guide.html Tue Nov 26 20:11:45 2019
@@ -96,6 +96,7 @@
<li><a href="#CSRF">CSRF</a></li>
<li><a href="#CORS">CORS</a></li>
<li><a href="#X-Frame-Options">X-Frame-Options</a></li>
+ <li><a href="#X-XSS-Protection">X-XSS-Protection</a></li>
<li><a href="#X-Content-Type-Options">X-Content-Type-Options</a></li>
<li><a href="#HTTP+Strict-Transport-Security+-+HSTS">HTTP
Strict-Transport-Security - HSTS</a></li>
</ul>
@@ -4064,6 +4065,7 @@ APACHE_HOME/bin/apachectl -k stop
<param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
<param><name>cors.enabled</name><value>true</value></param>
<param><name>xframe.options.enabled</name><value>true</value></param>
+
<param><name>xss.protection.enabled</name><value>true</value></param>
<param><name>strict.transport.enabled</name><value>true</value></param>
</provider>
</code></pre>
@@ -4190,6 +4192,25 @@ APACHE_HOME/bin/apachectl -k stop
</tr>
</tbody>
</table>
+<h5><a id="X-XSS-Protection">X-XSS-Protection</a> <a
href="#X-XSS-Protection"><img src="markbook-section-link.png"/></a></h5>
+<p>Cross-site Scripting (XSS) type attacks can be prevented by adding the
X-XSS-Protection header to HTTP response. The <code>1; mode=block</code> value
will force browser to stop rendering the page if XSS attack is detected. </p>
+<h6><a id="Config">Config</a> <a href="#Config"><img
src="markbook-section-link.png"/></a></h6>
+<table>
+ <thead>
+ <tr>
+ <th>Name </th>
+ <th>Description </th>
+ <th>Default</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td>xss.protection.enabled </td>
+ <td>This parameter specifies a particular value for the X-XSS-Protection
header. When it is set to true, it will add <code>X-Xss-Protection: '1;
mode=block'</code> header to HTTP response</td>
+ <td>false</td>
+ </tr>
+ </tbody>
+</table>
<h5><a id="X-Content-Type-Options">X-Content-Type-Options</a> <a
href="#X-Content-Type-Options"><img src="markbook-section-link.png"/></a></h5>
<p>Browser MIME content type sniffing can be exploited for malicious purposes.
Adding the X-Content-Type-Options HTTP header to responses directs the browser
to honor the type specified in the Content-Type header, rather than trying to
determine the type from the content itself. Most modern browsers support
this.</p>
<h6><a id="Config">Config</a> <a href="#Config"><img
src="markbook-section-link.png"/></a></h6>
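Review bot: The header literal in the table cell, X-Xss-Protection: '1; mode=block', does not match the rest of the added section: the heading and paragraph spell the name X-XSS-Protection, and the paragraph shows the value as 1; mode=block without quotes. Someone verifying the gateway's response against this page cannot tell whether the single quotes are part of the value. Suggest writing the cell as X-XSS-Protection: 1; mode=block so the name and value are given once, in one form.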
Modified: knox/site/books/knox-1-3-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/deployment-overview.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/deployment-provider.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/deployment-service.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/general_saml_flow.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/runtime-overview.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/runtime-request-processing.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/user-guide.html
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/user-guide.html?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/site/books/knox-1-3-0/user-guide.html (original)
+++ knox/site/books/knox-1-3-0/user-guide.html Tue Nov 26 20:11:45 2019
@@ -97,6 +97,7 @@
<li><a href="#CSRF">CSRF</a></li>
<li><a href="#CORS">CORS</a></li>
<li><a href="#X-Frame-Options">X-Frame-Options</a></li>
+ <li><a href="#X-XSS-Protection">X-XSS-Protection</a></li>
<li><a href="#X-Content-Type-Options">X-Content-Type-Options</a></li>
<li><a href="#HTTP+Strict-Transport-Security+-+HSTS">HTTP
Strict-Transport-Security - HSTS</a></li>
</ul>
@@ -4291,6 +4292,7 @@ APACHE_HOME/bin/apachectl -k stop
<param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
<param><name>cors.enabled</name><value>true</value></param>
<param><name>xframe.options.enabled</name><value>true</value></param>
+
<param><name>xss.protection.enabled</name><value>true</value></param>
<param><name>strict.transport.enabled</name><value>true</value></param>
</provider>
</code></pre>
@@ -4417,6 +4419,25 @@ APACHE_HOME/bin/apachectl -k stop
</tr>
</tbody>
</table>
+<h5><a id="X-XSS-Protection">X-XSS-Protection</a> <a
href="#X-XSS-Protection"><img src="markbook-section-link.png"/></a></h5>
+<p>Cross-site Scripting (XSS) type attacks can be prevented by adding the
X-XSS-Protection header to HTTP response. The <code>1; mode=block</code> value
will force browser to stop rendering the page if XSS attack is detected. </p>
+<h6><a id="Config">Config</a> <a href="#Config"><img
src="markbook-section-link.png"/></a></h6>
+<table>
+ <thead>
+ <tr>
+ <th>Name </th>
+ <th>Description </th>
+ <th>Default</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td>xss.protection.enabled </td>
+ <td>This parameter specifies a particular value for the X-XSS-Protection
header. When it is set to true, it will add <code>X-Xss-Protection: '1;
mode=block'</code> header to HTTP response</td>
+ <td>false</td>
+ </tr>
+ </tbody>
+</table>
<h5><a id="X-Content-Type-Options">X-Content-Type-Options</a> <a
href="#X-Content-Type-Options"><img src="markbook-section-link.png"/></a></h5>
<p>Browser MIME content type sniffing can be exploited for malicious purposes.
Adding the X-Content-Type-Options HTTP header to responses directs the browser
to honor the type specified in the Content-Type header, rather than trying to
determine the type from the content itself. Most modern browsers support
this.</p>
<h6><a id="Config">Config</a> <a href="#Config"><img
src="markbook-section-link.png"/></a></h6>
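Review bot: The added sub-heading uses id="Config" with href="#Config", and the Config heading under X-Content-Type-Options in the trailing context lines uses the same id, so the page now has one more duplicate anchor and the section link next to this heading cannot address it uniquely. This file is generated output, so the fix belongs in the book source or its renderer: give each per-header Config heading a section-scoped anchor, or drop the self-link on these h6 headings.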
Modified: knox/site/books/knox-1-4-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/deployment-overview.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/deployment-provider.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/deployment-service.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/general_saml_flow.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/runtime-overview.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/runtime-request-processing.png?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/user-guide.html
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/user-guide.html?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/site/books/knox-1-4-0/user-guide.html (original)
+++ knox/site/books/knox-1-4-0/user-guide.html Tue Nov 26 20:11:45 2019
@@ -97,6 +97,7 @@
<li><a href="#CSRF">CSRF</a></li>
<li><a href="#CORS">CORS</a></li>
<li><a href="#X-Frame-Options">X-Frame-Options</a></li>
+ <li><a href="#X-XSS-Protection">X-XSS-Protection</a></li>
<li><a href="#X-Content-Type-Options">X-Content-Type-Options</a></li>
<li><a href="#HTTP+Strict-Transport-Security+-+HSTS">HTTP
Strict-Transport-Security - HSTS</a></li>
</ul>
@@ -4316,6 +4317,7 @@ APACHE_HOME/bin/apachectl -k stop
<param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
<param><name>cors.enabled</name><value>true</value></param>
<param><name>xframe.options.enabled</name><value>true</value></param>
+
<param><name>xss.protection.enabled</name><value>true</value></param>
<param><name>strict.transport.enabled</name><value>true</value></param>
</provider>
</code></pre>
@@ -4442,6 +4444,25 @@ APACHE_HOME/bin/apachectl -k stop
</tr>
</tbody>
</table>
+<h5><a id="X-XSS-Protection">X-XSS-Protection</a> <a
href="#X-XSS-Protection"><img src="markbook-section-link.png"/></a></h5>
+<p>Cross-site Scripting (XSS) type attacks can be prevented by adding the
X-XSS-Protection header to HTTP response. The <code>1; mode=block</code> value
will force browser to stop rendering the page if XSS attack is detected. </p>
+<h6><a id="Config">Config</a> <a href="#Config"><img
src="markbook-section-link.png"/></a></h6>
+<table>
+ <thead>
+ <tr>
+ <th>Name </th>
+ <th>Description </th>
+ <th>Default</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td>xss.protection.enabled </td>
+ <td>This parameter specifies a particular value for the X-XSS-Protection
header. When it is set to true, it will add <code>X-Xss-Protection: '1;
mode=block'</code> header to HTTP response</td>
+ <td>false</td>
+ </tr>
+ </tbody>
+</table>
<h5><a id="X-Content-Type-Options">X-Content-Type-Options</a> <a
href="#X-Content-Type-Options"><img src="markbook-section-link.png"/></a></h5>
<p>Browser MIME content type sniffing can be exploited for malicious purposes.
Adding the X-Content-Type-Options HTTP header to responses directs the browser
to honor the type specified in the Content-Type header, rather than trying to
determine the type from the content itself. Most modern browsers support
this.</p>
<h6><a id="Config">Config</a> <a href="#Config"><img
src="markbook-section-link.png"/></a></h6>
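Review bot: The first sentence of the added paragraph, "attacks can be prevented by adding the X-XSS-Protection header", claims more than the second sentence supports: the page is only blocked "if XSS attack is detected", so the effect depends on the browser detecting the attack and acting on the header. For a security setting that defaults to false, the text should state that limit so enabling it is not read as a replacement for the other WebAppSec options. Suggest wording along the lines of "can be mitigated in browsers that act on the X-XSS-Protection header", and fix the missing articles while there ("to the HTTP response", "force the browser", "if an XSS attack is detected").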
Modified: knox/site/index.html
URL:
http://svn.apache.org/viewvc/knox/site/index.html?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/site/index.html (original)
+++ knox/site/index.html Tue Nov 26 20:11:45 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
src/site/markdown/index.md at 2019-10-24
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
src/site/markdown/index.md at 2019-11-26
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20191024" />
+ <meta name="Date-Revision-yyyymmdd" content="20191126" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Announcing Apache Knox 1.3.0!</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-10-24</li>
+ <li id="publishDate">Last Published: 2019-11-26</li>
</ul>
</div>
<div class="row-fluid">
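Review bot: Both hunks in this file change only the generated date (2019-10-24 to 2019-11-26 in the Doxia comment, the Date-Revision meta tag and the publishDate item); nothing here relates to the X-XSS-Protection documentation named in the log message. The same applies to the other regenerated site pages in this revision. Consider committing only the user-guide.html pages the documentation change affects, or regenerating the site in a separate commit, so the revision diff shows the documentation change without timestamp churn.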
Modified: knox/site/issue-management.html
URL:
http://svn.apache.org/viewvc/knox/site/issue-management.html?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/site/issue-management.html (original)
+++ knox/site/issue-management.html Tue Nov 26 20:11:45 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:issue-management
at 2019-10-24
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:issue-management
at 2019-11-26
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20191024" />
+ <meta name="Date-Revision-yyyymmdd" content="20191126" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Issue Management</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-10-24</li>
+ <li id="publishDate">Last Published: 2019-11-26</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/licenses.html
URL:
http://svn.apache.org/viewvc/knox/site/licenses.html?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/site/licenses.html (original)
+++ knox/site/licenses.html Tue Nov 26 20:11:45 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:licenses at
2019-10-24
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:licenses at
2019-11-26
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20191024" />
+ <meta name="Date-Revision-yyyymmdd" content="20191126" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Licenses</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-10-24</li>
+ <li id="publishDate">Last Published: 2019-11-26</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/mailing-lists.html
URL:
http://svn.apache.org/viewvc/knox/site/mailing-lists.html?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/site/mailing-lists.html (original)
+++ knox/site/mailing-lists.html Tue Nov 26 20:11:45 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:mailing-lists
at 2019-10-24
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:mailing-lists
at 2019-11-26
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20191024" />
+ <meta name="Date-Revision-yyyymmdd" content="20191126" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Mailing Lists</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-10-24</li>
+ <li id="publishDate">Last Published: 2019-11-26</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/project-info.html
URL:
http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/site/project-info.html (original)
+++ knox/site/project-info.html Tue Nov 26 20:11:45 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-site-plugin:3.7.1:CategorySummaryDocumentRenderer
at 2019-10-24
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-site-plugin:3.7.1:CategorySummaryDocumentRenderer
at 2019-11-26
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20191024" />
+ <meta name="Date-Revision-yyyymmdd" content="20191126" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Information</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-10-24</li>
+ <li id="publishDate">Last Published: 2019-11-26</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/team.html
URL:
http://svn.apache.org/viewvc/knox/site/team.html?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/site/team.html (original)
+++ knox/site/team.html Tue Nov 26 20:11:45 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:team at
2019-10-24
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:team at
2019-11-26
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20191024" />
+ <meta name="Date-Revision-yyyymmdd" content="20191126" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Team</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-10-24</li>
+ <li id="publishDate">Last Published: 2019-11-26</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/trunk/books/1.1.0/book.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.1.0/book.md?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/trunk/books/1.1.0/book.md (original)
+++ knox/trunk/books/1.1.0/book.md Tue Nov 26 20:11:45 2019
@@ -78,6 +78,7 @@
* #[CSRF]
* #[CORS]
* #[X-Frame-Options]
+ * #[X-XSS-Protection]
* #[X-Content-Type-Options]
* #[HTTP Strict-Transport-Security - HSTS]
* #[Websocket Support]
Modified: knox/trunk/books/1.1.0/config_webappsec_provider.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.1.0/config_webappsec_provider.md?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/trunk/books/1.1.0/config_webappsec_provider.md (original)
+++ knox/trunk/books/1.1.0/config_webappsec_provider.md Tue Nov 26 20:11:45 2019
@@ -55,6 +55,7 @@ Because of this one-to-many provider/fil
<param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
<param><name>cors.enabled</name><value>true</value></param>
<param><name>xframe.options.enabled</name><value>true</value></param>
+ <param><name>xss.protection.enabled</name><value>true</value></param>
<param><name>strict.transport.enabled</name><value>true</value></param>
</provider>
@@ -108,6 +109,16 @@ Name | Description | D
xframe-options.enabled | This parameter enables the X-Frame-Options
capabilities|false
xframe-options.value | This parameter specifies a particular value for the
X-Frame-Options header. Most often the default value of DENY will be most
appropriate. You can also use SAMEORIGIN or ALLOW-FROM uri|DENY
+##### X-XSS-Protection
+
+Cross-site Scripting (XSS) type attacks can be prevented by adding the
X-XSS-Protection header to HTTP response. The `1; mode=block` value will force
browser to stop rendering the page if XSS attack is detected.
+
+###### Config
+
+Name | Description | Default
+-----------------------|-------------|---------
+xss.protection.enabled | This parameter specifies a particular value for the
X-XSS-Protection header. When it is set to true, it will add `X-Xss-Protection:
'1; mode=block'` header to HTTP response|false
+
##### X-Content-Type-Options
Browser MIME content type sniffing can be exploited for malicious purposes.
Adding the X-Content-Type-Options HTTP header to responses directs the browser
to honor the type specified in the Content-Type header, rather than trying to
determine the type from the content itself. Most modern browsers support this.
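Review bot: The Description cell for `xss.protection.enabled` opens with "This parameter specifies a particular value for the X-XSS-Protection header", which reads as carried over from the `xframe-options.value` row just above; the option is a true/false switch with a default of false and takes no header value. Suggest "This parameter enables the X-XSS-Protection header. When it is set to true, ..." so it parallels the `xframe-options.enabled` row. The same cell appears in each book version touched by this revision.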
Modified: knox/trunk/books/1.2.0/book.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/book.md?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/book.md (original)
+++ knox/trunk/books/1.2.0/book.md Tue Nov 26 20:11:45 2019
@@ -78,6 +78,7 @@
* #[CSRF]
* #[CORS]
* #[X-Frame-Options]
+ * #[X-XSS-Protection]
* #[X-Content-Type-Options]
* #[HTTP Strict-Transport-Security - HSTS]
* #[Websocket Support]
Modified: knox/trunk/books/1.2.0/config_webappsec_provider.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/config_webappsec_provider.md?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/config_webappsec_provider.md (original)
+++ knox/trunk/books/1.2.0/config_webappsec_provider.md Tue Nov 26 20:11:45 2019
@@ -55,6 +55,7 @@ Because of this one-to-many provider/fil
<param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
<param><name>cors.enabled</name><value>true</value></param>
<param><name>xframe.options.enabled</name><value>true</value></param>
+ <param><name>xss.protection.enabled</name><value>true</value></param>
<param><name>strict.transport.enabled</name><value>true</value></param>
</provider>
@@ -108,6 +109,16 @@ Name | Description | D
xframe-options.enabled | This parameter enables the X-Frame-Options
capabilities|false
xframe-options.value | This parameter specifies a particular value for the
X-Frame-Options header. Most often the default value of DENY will be most
appropriate. You can also use SAMEORIGIN or ALLOW-FROM uri|DENY
+##### X-XSS-Protection
+
+Cross-site Scripting (XSS) type attacks can be prevented by adding the
X-XSS-Protection header to HTTP response. The `1; mode=block` value will force
browser to stop rendering the page if XSS attack is detected.
+
+###### Config
+
+Name | Description | Default
+-----------------------|-------------|---------
+xss.protection.enabled | This parameter specifies a particular value for the
X-XSS-Protection header. When it is set to true, it will add `X-Xss-Protection:
'1; mode=block'` header to HTTP response|false
+
##### X-Content-Type-Options
Browser MIME content type sniffing can be exploited for malicious purposes.
Adding the X-Content-Type-Options HTTP header to responses directs the browser
to honor the type specified in the Content-Type header, rather than trying to
determine the type from the content itself. Most modern browsers support this.
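Review bot: In the `xss.protection.enabled` row the header is written as `X-Xss-Protection: '1; mode=block'`, which differs in casing from the `X-XSS-Protection` heading and wraps the value in single quotes, while the paragraph above gives the value as `1; mode=block` without quotes. Readers verifying a deployment will compare this text against the response they capture, so suggest `X-XSS-Protection: 1; mode=block` here, or an explicit remark if the quotes are actually emitted.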
Modified: knox/trunk/books/1.3.0/book.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.3.0/book.md?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/trunk/books/1.3.0/book.md (original)
+++ knox/trunk/books/1.3.0/book.md Tue Nov 26 20:11:45 2019
@@ -79,6 +79,7 @@
* #[CSRF]
* #[CORS]
* #[X-Frame-Options]
+ * #[X-XSS-Protection]
* #[X-Content-Type-Options]
* #[HTTP Strict-Transport-Security - HSTS]
* #[Websocket Support]
Modified: knox/trunk/books/1.3.0/config_webappsec_provider.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.3.0/config_webappsec_provider.md?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/trunk/books/1.3.0/config_webappsec_provider.md (original)
+++ knox/trunk/books/1.3.0/config_webappsec_provider.md Tue Nov 26 20:11:45 2019
@@ -55,6 +55,7 @@ Because of this one-to-many provider/fil
<param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
<param><name>cors.enabled</name><value>true</value></param>
<param><name>xframe.options.enabled</name><value>true</value></param>
+ <param><name>xss.protection.enabled</name><value>true</value></param>
<param><name>strict.transport.enabled</name><value>true</value></param>
</provider>
@@ -108,6 +109,16 @@ Name | Description | D
xframe-options.enabled | This parameter enables the X-Frame-Options
capabilities|false
xframe-options.value | This parameter specifies a particular value for the
X-Frame-Options header. Most often the default value of DENY will be most
appropriate. You can also use SAMEORIGIN or ALLOW-FROM uri|DENY
+##### X-XSS-Protection
+
+Cross-site Scripting (XSS) type attacks can be prevented by adding the
X-XSS-Protection header to HTTP response. The `1; mode=block` value will force
browser to stop rendering the page if XSS attack is detected.
+
+###### Config
+
+Name | Description | Default
+-----------------------|-------------|---------
+xss.protection.enabled | This parameter specifies a particular value for the
X-XSS-Protection header. When it is set to true, it will add `X-Xss-Protection:
'1; mode=block'` header to HTTP response|false
+
##### X-Content-Type-Options
Browser MIME content type sniffing can be exploited for malicious purposes.
Adding the X-Content-Type-Options HTTP header to responses directs the browser
to honor the type specified in the Content-Type header, rather than trying to
determine the type from the content itself. Most modern browsers support this.
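Review bot: "Cross-site Scripting (XSS) type attacks can be prevented by adding the X-XSS-Protection header" promises more than the following sentence describes, where the browser stops rendering only "if XSS attack is detected". Suggest wording it as a mitigation that depends on the browser's own detection, for example "can be mitigated in browsers that act on the X-XSS-Protection header", so operators do not treat the option as complete XSS protection.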
Modified: knox/trunk/books/1.4.0/book.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/book.md?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/trunk/books/1.4.0/book.md (original)
+++ knox/trunk/books/1.4.0/book.md Tue Nov 26 20:11:45 2019
@@ -79,6 +79,7 @@
* #[CSRF]
* #[CORS]
* #[X-Frame-Options]
+ * #[X-XSS-Protection]
* #[X-Content-Type-Options]
* #[HTTP Strict-Transport-Security - HSTS]
* #[Websocket Support]
Modified: knox/trunk/books/1.4.0/config_webappsec_provider.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/config_webappsec_provider.md?rev=1870473&r1=1870472&r2=1870473&view=diff
==============================================================================
--- knox/trunk/books/1.4.0/config_webappsec_provider.md (original)
+++ knox/trunk/books/1.4.0/config_webappsec_provider.md Tue Nov 26 20:11:45 2019
@@ -55,6 +55,7 @@ Because of this one-to-many provider/fil
<param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
<param><name>cors.enabled</name><value>true</value></param>
<param><name>xframe.options.enabled</name><value>true</value></param>
+ <param><name>xss.protection.enabled</name><value>true</value></param>
<param><name>strict.transport.enabled</name><value>true</value></param>
</provider>
@@ -108,6 +109,16 @@ Name | Description | D
xframe-options.enabled | This parameter enables the X-Frame-Options
capabilities|false
xframe-options.value | This parameter specifies a particular value for the
X-Frame-Options header. Most often the default value of DENY will be most
appropriate. You can also use SAMEORIGIN or ALLOW-FROM uri|DENY
+##### X-XSS-Protection
+
+Cross-site Scripting (XSS) type attacks can be prevented by adding the
X-XSS-Protection header to HTTP response. The `1; mode=block` value will force
browser to stop rendering the page if XSS attack is detected.
+
+###### Config
+
+Name | Description | Default
+-----------------------|-------------|---------
+xss.protection.enabled | This parameter specifies a particular value for the
X-XSS-Protection header. When it is set to true, it will add `X-Xss-Protection:
'1; mode=block'` header to HTTP response|false
+
##### X-Content-Type-Options
Browser MIME content type sniffing can be exploited for malicious purposes.
Adding the X-Content-Type-Options HTTP header to responses directs the browser
to honor the type specified in the Content-Type header, rather than trying to
determine the type from the content itself. Most modern browsers support this.
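Review bot: The added `##### X-XSS-Protection` heading follows the last `xframe-options.value` table row with no blank line between them, although the new section does put a blank line before `###### Config` and before its table. Suggest a blank line ahead of the heading so it cannot be read as part of the preceding table, and while there fix the missing articles in "to HTTP response", "will force browser" and "if XSS attack is detected".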