You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ranger.apache.org by pr...@apache.org on 2020/05/28 06:03:26 UTC

[ranger] 02/02: RANGER-2833 : Enforcing Strict transport security

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git

commit 54e54886329f9e46845f11cde066c842525d2e88
Author: Dineshkumar Yadav <di...@outlook.com>
AuthorDate: Thu May 21 16:26:30 2020 +0530

    RANGER-2833 : Enforcing Strict transport security
    
    Signed-off-by: pradeep <pr...@apache.org>
---
 security-admin/src/main/webapp/login.jsp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/security-admin/src/main/webapp/login.jsp b/security-admin/src/main/webapp/login.jsp
index 570ab75..12479f2 100644
--- a/security-admin/src/main/webapp/login.jsp
+++ b/security-admin/src/main/webapp/login.jsp
@@ -59,6 +59,7 @@
 			response.setHeader("X-Content-Type-Options", "nosniff");
 			response.setHeader("X-XSS-Protection", "1; mode=block");
 			response.setHeader("Content-Security-Policy", "default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'");
+			response.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
 		%>
 		<!-- Page content
 		================================================== -->