Posted to issues@solr.apache.org by GitBox <gi...@apache.org> on 2021/10/07 10:16:26 UTC

[GitHub] [solr] bszabo97 opened a new pull request #332: SOLR-15578 Add Support for HSTS Security Protocol

bszabo97 opened a new pull request #332:
URL: https://github.com/apache/solr/pull/332


   Change-Id: I5c87491bd875351e46774dc4ff5652deda6808c3
   
   https://issues.apache.org/jira/browse/SOLR-15578
   
   
   
   # Description
   
   Adding support for HSTS Security Protocol in jetty.xml.
   
   # Solution
   
   I edited the jetty.xml to enable the HSTS protocol. This makes it so it is enabled by default with a max-age of 31536000.
   
   # Tests
   
   I complemented the test SecurityHeadersTest with the HSTS header. This test right now awaits fixing because of the issue described in SOLR-14903, but I added this header for the record.
   
   # Checklist
   
   Please review the following and check all that apply:
   
   - [x] I have reviewed the guidelines for [How to Contribute](https://wiki.apache.org/solr/HowToContribute) and my code conforms to the standards described there to the best of my ability.
   - [x] I have created a Jira issue and added the issue ID to my pull request title.
   - [x] I have given Solr maintainers [access](https://help.github.com/en/articles/allowing-changes-to-a-pull-request-branch-created-from-a-fork) to contribute to my PR branch. (optional but recommended)
   - [x] I have developed this patch against the `main` branch.
   - [x] I have run `./gradlew check`.
   - [x] I have added tests for my changes.
   - [ ] I have added documentation for the [Reference Guide](https://github.com/apache/solr/tree/main/solr/solr-ref-guide)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org


[GitHub] [solr] HoustonPutman commented on a change in pull request #332: SOLR-15578 Add Support for HSTS Security Protocol

Posted by GitBox <gi...@apache.org>.
HoustonPutman commented on a change in pull request #332:
URL: https://github.com/apache/solr/pull/332#discussion_r809274602



##########
File path: solr/server/etc/jetty.xml
##########
@@ -126,6 +126,15 @@
           </New>
         </Arg>
       </Call>
+      <Call name="addRule">
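Review bot: The `addRule` call added after the closing `</Call>` lands in `jetty.xml` rather than `jetty-https.xml`, and per the PR description it enables HSTS by default with a fixed max-age of 31536000, with no visible way for an operator to change it. Browsers ignore the header over plain HTTP, but once one has received it over HTTPS it rewrites every http:// request to that hostname, on any port, to https:// for a year, so a deployment that later turns TLS off, or runs another plain-HTTP service on the same hostname, becomes unreachable from that browser. Consider reading the max-age from a Jetty property that defaults to 31536000, so an operator can lower it or set it to 0 to clear the policy, and describe the setting in the Reference Guide.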

Review comment:
       Shouldn't this go in the `jetty-https.xml` file? Otherwise the server is going to tell the browser to expect https requests for an http server.






[GitHub] [solr] HoustonPutman commented on a change in pull request #332: SOLR-15578 Add Support for HSTS Security Protocol

Posted by GitBox <gi...@apache.org>.
HoustonPutman commented on a change in pull request #332:
URL: https://github.com/apache/solr/pull/332#discussion_r809286807



##########
File path: solr/server/etc/jetty.xml
##########
@@ -126,6 +126,15 @@
           </New>
         </Arg>
       </Call>
+      <Call name="addRule">

Review comment:
       Ok I see now that this isn't an issue when using HTTP only. Ignore
   
   https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security#description






[GitHub] [solr] atris commented on pull request #332: SOLR-15578 Add Support for HSTS Security Protocol

Posted by GitBox <gi...@apache.org>.
atris commented on pull request #332:
URL: https://github.com/apache/solr/pull/332#issuecomment-937666333


   Should we be committing this PR before SOLR-14903 is fixed?

