You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by "t oo (Jira)" <ji...@apache.org> on 2019/12/26 00:24:00 UTC

[jira] [Created] (AIRFLOW-6353) security - ui - add click jacking defence

t oo created AIRFLOW-6353:
-----------------------------

             Summary: security - ui - add click jacking defence
                 Key: AIRFLOW-6353
                 URL: https://issues.apache.org/jira/browse/AIRFLOW-6353
             Project: Apache Airflow
          Issue Type: Bug
          Components: security, ui
    Affects Versions: 1.10.3
            Reporter: t oo


www/app.py Add Click jacking defence

 

Fix:

at the end of     

def create_app(config=None, testing=False):

@app.after_request
def apply_caching(response):
response.headers["X-Frame-Options"] = "DENY"
return response



--
This message was sent by Atlassian Jira
(v8.3.4#803005)