[
https://issues.apache.org/jira/browse/ATLAS-5160?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18066684#comment-18066684
]
Radhika Kundam commented on ATLAS-5160:
---------------------------------------
[~adityagupta36] ,
The 2.5.0 release is already in progress, and the branch has been closed for
any new commits. Since this Jira is not yet merged, we are removing 2.5.0 from
the Fix Version.
> Remove deprecated X-XSS-PROTECTION header from HTTP response headers
> initialization and Atlas Spring Security Config
> --------------------------------------------------------------------------------------------------------------------
>
> Key: ATLAS-5160
> URL: https://issues.apache.org/jira/browse/ATLAS-5160
> Project: Atlas
> Issue Type: Improvement
> Components: atlas-core
> Reporter: Aditya Gupta
> Assignee: Aditya Gupta
> Priority: Major
> Fix For: 3.0.0, 2.5.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> One of the headers included is X-XSS-PROTECTION, which is now deprecated and
> no longer supported by modern browsers.
> * Remove the X-XSS-PROTECTION response header
> * Remove related constants ({{{}X_XSS_PROTECTION_KEY{}}},
> {{{}X_XSS_PROTECTION_VAL{}}}) if no longer referenced
> * Update tests (including {{{}HeadersUtilTest, AtlasSecurityConfigTest{}}})
> accordingly
> h3. Expected Outcome
> * Atlas no longer sends deprecated headers
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
