[jira] [Commented] (SOLR-13982) set security-related http response headers by default

2019-12-03 Thread ASF subversion and git services (Jira)
[ https://issues.apache.org/jira/browse/SOLR-13982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16987116#comment-16987116 ] ASF subversion and git services commented on SOLR-13982: Commit c

[jira] [Commented] (SOLR-13982) set security-related http response headers by default

2019-12-03 Thread ASF subversion and git services (Jira)
[ https://issues.apache.org/jira/browse/SOLR-13982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16986807#comment-16986807 ] ASF subversion and git services commented on SOLR-13982: Commit 5

[jira] [Commented] (SOLR-13982) set security-related http response headers by default

2019-12-03 Thread ASF subversion and git services (Jira)
[ https://issues.apache.org/jira/browse/SOLR-13982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16986805#comment-16986805 ] ASF subversion and git services commented on SOLR-13982: Commit c

[jira] [Commented] (SOLR-13982) set security-related http response headers by default

2019-11-30 Thread Robert Muir (Jira)
[ https://issues.apache.org/jira/browse/SOLR-13982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16985418#comment-16985418 ] Robert Muir commented on SOLR-13982: I made a followup issue to address this {{unsafe

[jira] [Commented] (SOLR-13982) set security-related http response headers by default

2019-11-30 Thread Robert Muir (Jira)
[ https://issues.apache.org/jira/browse/SOLR-13982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16985398#comment-16985398 ] Robert Muir commented on SOLR-13982: It seems the angular framework used here can be

[jira] [Commented] (SOLR-13982) set security-related http response headers by default

2019-11-30 Thread Robert Muir (Jira)
[ https://issues.apache.org/jira/browse/SOLR-13982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16985397#comment-16985397 ] Robert Muir commented on SOLR-13982: You can see the bad guy if you remove {{unsafe-e

[jira] [Commented] (SOLR-13982) set security-related http response headers by default

2019-11-30 Thread Robert Muir (Jira)
[ https://issues.apache.org/jira/browse/SOLR-13982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16985392#comment-16985392 ] Robert Muir commented on SOLR-13982: {quote} How extensively do we use unsafe evaluat

[jira] [Commented] (SOLR-13982) set security-related http response headers by default

2019-11-30 Thread Ishan Chattopadhyaya (Jira)
[ https://issues.apache.org/jira/browse/SOLR-13982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16985386#comment-16985386 ] Ishan Chattopadhyaya commented on SOLR-13982: - Looks good, Robert. Thanks! b

[jira] [Commented] (SOLR-13982) set security-related http response headers by default

2019-11-29 Thread Robert Muir (Jira)
[ https://issues.apache.org/jira/browse/SOLR-13982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16985184#comment-16985184 ] Robert Muir commented on SOLR-13982: Attached is an initial patch: I confirmed all pa