You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Nathan Gough (JIRA)" <ji...@apache.org> on 2018/08/21 18:27:02 UTC

[jira] [Updated] (NIFI-5545) Add an Origin/Referer header Jetty filter

     [ https://issues.apache.org/jira/browse/NIFI-5545?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nathan Gough updated NIFI-5545:
-------------------------------
    Summary: Add an Origin/Referer header Jetty filter  (was: Add an Origin/Referer header filter)

> Add an Origin/Referer header Jetty filter
> -----------------------------------------
>
>                 Key: NIFI-5545
>                 URL: https://issues.apache.org/jira/browse/NIFI-5545
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Security
>            Reporter: Nathan Gough
>            Assignee: Nathan Gough
>            Priority: Minor
>              Labels: jetty
>
> Create a new Jetty filter that allows a NiFi administrator to enable Origin/Referer HTTP header filtering.
>  * If the source origin header does not match the target origin, check the referer header.
>  * If the referer header does not match the target origin, deny the request.
>  * The filter should enabled or disabled using a property in the NiFiProperties configuration file.
>  * The filter will only be required when NiFi is configured to use HTTPS.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)