You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Anita Gnanamalar Jebaraj (JIRA)" <ji...@apache.org> on 2016/11/14 05:49:58 UTC

[jira] [Created] (AMBARI-18871) HTTP responses needs to have the character encoding specified in the content type header

Anita Gnanamalar Jebaraj created AMBARI-18871:
-------------------------------------------------

             Summary: HTTP responses needs to have the character encoding specified in the content type header
                 Key: AMBARI-18871
                 URL: https://issues.apache.org/jira/browse/AMBARI-18871
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: trunk
            Reporter: Anita Gnanamalar Jebaraj
            Assignee: Anita Gnanamalar Jebaraj
             Fix For: trunk


The charset information(UTF-8) can be added to all the response headers to harden the security for the client. When the charset information is not specified the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. 

This specific issue is mentioned in the section 3.1.1.5 of RFC7231



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)