----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73644/ -----------------------------------------------------------
(Updated Dec. 7, 2021, 1:31 p.m.) Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy. Bugs: RANGER-3443 https://issues.apache.org/jira/browse/RANGER-3443 Repository: ranger Description (updated) ------- Ranger does not return "X-Permitted-Cross-Domain-Policies" response header. OWASP best practices suggest explicitly setting this header to "none". Diffs ----- security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java c50857940 Diff: https://reviews.apache.org/r/73644/diff/1/ Testing ------- Tested that Added "X-Permitted-Cross-Domain-Policies" responce header. Thanks, Nitin Galave