You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Istvan Toth (Jira)" <ji...@apache.org> on 2022/04/27 04:07:00 UTC

[jira] [Commented] (HBASE-26789) Automatically add default security headers to http/rest if SSL enabled

    [ https://issues.apache.org/jira/browse/HBASE-26789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17528523#comment-17528523 ] 

Istvan Toth commented on HBASE-26789:
-------------------------------------

For the next person checking the commit log for this, the commit name is:
*HBASE-23303 Add default security headers if SSL is enabled (#4128)*
, NOT *HBASE-26789 ...*

> Automatically add default security headers to http/rest if SSL enabled
> ----------------------------------------------------------------------
>
>                 Key: HBASE-26789
>                 URL: https://issues.apache.org/jira/browse/HBASE-26789
>             Project: HBase
>          Issue Type: Improvement
>          Components: REST, UI
>    Affects Versions: 2.0.6, 2.1.10, 2.2.7, 3.0.0-alpha-2
>            Reporter: Andor Molnar
>            Assignee: Andor Molnar
>            Priority: Major
>             Fix For: 2.5.0, 3.0.0-alpha-3, 2.4.11
>
>
> In the previous ticket https://issues.apache.org/jira/browse/HBASE-23303 we implemented these security headers as optional which had to explicitly enabled in the config.
> With this change the headers will automatically be added with meaningful default values if SSL is enabled.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)