You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by "t oo (Jira)" <ji...@apache.org> on 2019/12/26 22:35:00 UTC
[jira] [Work started] (AIRFLOW-6353) security - ui - add click
jacking defence
[ https://issues.apache.org/jira/browse/AIRFLOW-6353?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Work on AIRFLOW-6353 started by t oo.
-------------------------------------
> security - ui - add click jacking defence
> -----------------------------------------
>
> Key: AIRFLOW-6353
> URL: https://issues.apache.org/jira/browse/AIRFLOW-6353
> Project: Apache Airflow
> Issue Type: Bug
> Components: security, ui
> Affects Versions: 1.10.3
> Reporter: t oo
> Assignee: t oo
> Priority: Major
>
> www/app.py Add Click jacking defence
>
> Fix:
> at the end of
> def create_app(config=None, testing=False):
> @app.after_request
> def apply_caching(response):
> response.headers["X-Frame-Options"] = "DENY"
> return response
--
This message was sent by Atlassian Jira
(v8.3.4#803005)