[
https://issues.apache.org/jira/browse/ATLAS-5160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Aditya Gupta updated ATLAS-5160:
--------------------------------
Description:
One of the headers included is X-XSS-PROTECTION, which is now deprecated and no
longer supported by modern browsers.
* Remove the X-XSS-PROTECTION response header
* Remove related constants ({{{}X_XSS_PROTECTION_KEY{}}},
{{{}X_XSS_PROTECTION_VAL{}}}) if no longer referenced
* Update tests (including {{{}HeadersUtilTest, AtlasSecurityConfigTest{}}})
accordingly
h3. Expected Outcome
* Atlas no longer sends deprecated headers
was:
One of the headers included is X-XSS-PROTECTION, which is now deprecated and no
longer supported by modern browsers.
* Remove the X-XSS-PROTECTION response header
* Remove related constants ({{{}X_XSS_PROTECTION_KEY{}}},
{{{}X_XSS_PROTECTION_VAL{}}}) if no longer referenced
* Update tests (including {{{}HeadersUtilTest{}}}) accordingly
h3. Expected Outcome
* Atlas no longer sends deprecated headers
> Remove deprecated X-XSS-PROTECTION header from HTTP response headers
> initialization and Atlas Spring Security Config
> --------------------------------------------------------------------------------------------------------------------
>
> Key: ATLAS-5160
> URL: https://issues.apache.org/jira/browse/ATLAS-5160
> Project: Atlas
> Issue Type: Improvement
> Components: atlas-core
> Reporter: Aditya Gupta
> Assignee: Aditya Gupta
> Priority: Major
>
> One of the headers included is X-XSS-PROTECTION, which is now deprecated and
> no longer supported by modern browsers.
> * Remove the X-XSS-PROTECTION response header
> * Remove related constants ({{{}X_XSS_PROTECTION_KEY{}}},
> {{{}X_XSS_PROTECTION_VAL{}}}) if no longer referenced
> * Update tests (including {{{}HeadersUtilTest, AtlasSecurityConfigTest{}}})
> accordingly
> h3. Expected Outcome
> * Atlas no longer sends deprecated headers
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
