----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/52456/ -----------------------------------------------------------
Review request for Ambari, Di Li, Robert Levas, and Yusaku Sako. Bugs: AMBARI-17311 https://issues.apache.org/jira/browse/AMBARI-17311 Repository: ambari Description ------- This patch adds the following HTTP headers to follow security best practices. X-Content-Type-Options: nosniff Cache-control: no-store Pragma: no-cache Diffs ----- ambari-server/conf/unix/ambari.properties 4dcbe99 ambari-server/conf/windows/ambari.properties 64cce3b ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java 2e850ef ambari-server/src/main/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilter.java 05c9ecb ambari-server/src/main/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilter.java b40953b ambari-server/src/main/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilter.java 5bff4e3 ambari-server/src/test/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilterTest.java 7be70a3 ambari-server/src/test/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilterTest.java 6537130 ambari-server/src/test/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilterTest.java c9d7974 Diff: https://reviews.apache.org/r/52456/diff/ Testing ------- Test cases have been updated to test with the new headers added. Also did manual testing. Thanks, Sangeeta Ravindran