You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Nathan Gough (JIRA)" <ji...@apache.org> on 2018/08/21 18:27:02 UTC
[jira] [Updated] (NIFI-5545) Add an Origin/Referer header Jetty
filter
[ https://issues.apache.org/jira/browse/NIFI-5545?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nathan Gough updated NIFI-5545:
-------------------------------
Summary: Add an Origin/Referer header Jetty filter (was: Add an Origin/Referer header filter)
> Add an Origin/Referer header Jetty filter
> -----------------------------------------
>
> Key: NIFI-5545
> URL: https://issues.apache.org/jira/browse/NIFI-5545
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Security
> Reporter: Nathan Gough
> Assignee: Nathan Gough
> Priority: Minor
> Labels: jetty
>
> Create a new Jetty filter that allows a NiFi administrator to enable Origin/Referer HTTP header filtering.
> * If the source origin header does not match the target origin, check the referer header.
> * If the referer header does not match the target origin, deny the request.
> * The filter should enabled or disabled using a property in the NiFiProperties configuration file.
> * The filter will only be required when NiFi is configured to use HTTPS.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)