Re: Review Request 52456: Modify HTTP headers to follow best security practices

Mon, 10 Oct 2016 08:11:11 -0700 


> On Oct. 9, 2016, 6:39 p.m., Robert Levas wrote:
> > Ship It!
> 
> Sangeeta Ravindran wrote:
>     Thank you Robert.
>     Can you please help push the fix?

Pushed to trunk:

```
commit 34c5686c3a0f80a5c7b78ddf05bb41cb13202438
Author: Sangeeta Ravindran <sangeeta.e.ravind...@gmail.com>
Date:   Mon Oct 10 11:05:40 2016 -0400

    AMBARI-17311. Modify HTTP headers to follow best security practices 
(Sangeeta Ravindran via rlevas)
```


- Robert


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52456/#review151944
-----------------------------------------------------------


On Oct. 4, 2016, 12:45 p.m., Sangeeta Ravindran wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52456/
> -----------------------------------------------------------
> 
> (Updated Oct. 4, 2016, 12:45 p.m.)
> 
> 
> Review request for Ambari, Di Li, Robert Levas, and Yusaku Sako.
> 
> 
> Bugs: AMBARI-17311
>     https://issues.apache.org/jira/browse/AMBARI-17311
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> This patch adds the following HTTP headers to follow security best practices.
> 
> X-Content-Type-Options: nosniff
> Cache-control: no-store
> Pragma: no-cache
> 
> 
> Diffs
> -----
> 
>   ambari-server/conf/unix/ambari.properties 4dcbe99 
>   ambari-server/conf/windows/ambari.properties 64cce3b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  2e850ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilter.java
>  05c9ecb 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilter.java
>  b40953b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilter.java
>  5bff4e3 
>   
> ambari-server/src/test/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilterTest.java
>  7be70a3 
>   
> ambari-server/src/test/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilterTest.java
>  6537130 
>   
> ambari-server/src/test/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilterTest.java
>  c9d7974 
> 
> Diff: https://reviews.apache.org/r/52456/diff/
> 
> 
> Testing
> -------
> 
> Test cases have been updated to test with the new headers added.
> Also did manual testing.
> 
> 
> File Attachments
> ----------------
> 
> Patch with review comments addressed
>   
> https://reviews.apache.org/media/uploaded/files/2016/10/04/32920075-a5ab-481b-bc47-e1be6b569605__AMBARI-17311.patch
> Updated patch with review comments addressed
>   
> https://reviews.apache.org/media/uploaded/files/2016/10/04/674db481-c4e0-4afb-98cb-b051d785c710__AMBARI-17311.patch
> 
> 
> Thanks,
> 
> Sangeeta Ravindran
> 
>

Reply via email to