You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "Vivek Ratnavel Subramanian (Jira)" <ji...@apache.org> on 2021/04/19 18:52:00 UTC

[jira] [Created] (HDDS-5120) Access-Control-Allow-Origin header must be set in all the responses from http endpoints

Vivek Ratnavel Subramanian created HDDS-5120:
------------------------------------------------

             Summary: Access-Control-Allow-Origin header must be set in all the responses from http endpoints  
                 Key: HDDS-5120
                 URL: https://issues.apache.org/jira/browse/HDDS-5120
             Project: Apache Ozone
          Issue Type: Bug
          Components: Security, website
    Affects Versions: 1.1.0
            Reporter: Vivek Ratnavel Subramanian
            Assignee: Vivek Ratnavel Subramanian


To prevent CORS attacks, all the http endpoints exposed by Ozone should include Access-Control-Allow-Origin header in the response pointing to a trusted domain.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org