[ambari] branch trunk updated: AMBARI-23470. Ambari views do not work due to X-Frame-Options: DENY header (#986)

Sun, 15 Apr 2018 13:37:48 -0700 

This is an automated email from the ASF dual-hosted git repository.

adoroszlai pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git


The following commit(s) were added to refs/heads/trunk by this push:
     new d0dd4b3  AMBARI-23470. Ambari views do not work due to 
X-Frame-Options: DENY header (#986)
d0dd4b3 is described below

commit d0dd4b31a0a0b2f59ebcca410f4220620cf2bd74
Author: Doroszlai, Attila <6454655+adorosz...@users.noreply.github.com>
AuthorDate: Sun Apr 15 22:36:40 2018 +0200

    AMBARI-23470. Ambari views do not work due to X-Frame-Options: DENY header 
(#986)
---
 .../org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java | 1 +
 1 file changed, 1 insertion(+)

diff --git 
a/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java
 
b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java
index 8cab2eb..9401d1a 100644
--- 
a/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java
+++ 
b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java
@@ -89,6 +89,7 @@ public class ApiSecurityConfig extends 
WebSecurityConfigurerAdapter{
     http.csrf().disable()
         .authorizeRequests().anyRequest().authenticated()
         .and()
+        .headers().frameOptions().disable().and()
         .exceptionHandling().authenticationEntryPoint(ambariEntryPoint)
         .and()
         .addFilterBefore(guiceBeansConfig.ambariUserAuthorizationFilter(), 
BasicAuthenticationFilter.class)

-- 
To stop receiving notification emails like this one, please contact
adorosz...@apache.org.

Reply via email to