> On Oct. 9, 2016, 6:39 p.m., Robert Levas wrote: > > Ship It! > > Sangeeta Ravindran wrote: > Thank you Robert. > Can you please help push the fix?
Pushed to trunk: ``` commit 34c5686c3a0f80a5c7b78ddf05bb41cb13202438 Author: Sangeeta Ravindran <sangeeta.e.ravind...@gmail.com> Date: Mon Oct 10 11:05:40 2016 -0400 AMBARI-17311. Modify HTTP headers to follow best security practices (Sangeeta Ravindran via rlevas) ``` - Robert ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/52456/#review151944 ----------------------------------------------------------- On Oct. 4, 2016, 12:45 p.m., Sangeeta Ravindran wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/52456/ > ----------------------------------------------------------- > > (Updated Oct. 4, 2016, 12:45 p.m.) > > > Review request for Ambari, Di Li, Robert Levas, and Yusaku Sako. > > > Bugs: AMBARI-17311 > https://issues.apache.org/jira/browse/AMBARI-17311 > > > Repository: ambari > > > Description > ------- > > This patch adds the following HTTP headers to follow security best practices. > > X-Content-Type-Options: nosniff > Cache-control: no-store > Pragma: no-cache > > > Diffs > ----- > > ambari-server/conf/unix/ambari.properties 4dcbe99 > ambari-server/conf/windows/ambari.properties 64cce3b > > ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java > 2e850ef > > ambari-server/src/main/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilter.java > 05c9ecb > > ambari-server/src/main/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilter.java > b40953b > > ambari-server/src/main/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilter.java > 5bff4e3 > > ambari-server/src/test/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilterTest.java > 7be70a3 > > ambari-server/src/test/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilterTest.java > 6537130 > > ambari-server/src/test/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilterTest.java > c9d7974 > > Diff: https://reviews.apache.org/r/52456/diff/ > > > Testing > ------- > > Test cases have been updated to test with the new headers added. > Also did manual testing. > > > File Attachments > ---------------- > > Patch with review comments addressed > > https://reviews.apache.org/media/uploaded/files/2016/10/04/32920075-a5ab-481b-bc47-e1be6b569605__AMBARI-17311.patch > Updated patch with review comments addressed > > https://reviews.apache.org/media/uploaded/files/2016/10/04/674db481-c4e0-4afb-98cb-b051d785c710__AMBARI-17311.patch > > > Thanks, > > Sangeeta Ravindran > >