You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by "Jarek Potiuk (Jira)" <ji...@apache.org> on 2020/01/03 15:27:00 UTC
[jira] [Resolved] (AIRFLOW-6353) security - ui - add click jacking
defence
[ https://issues.apache.org/jira/browse/AIRFLOW-6353?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jarek Potiuk resolved AIRFLOW-6353.
-----------------------------------
Fix Version/s: 2.0.0
Resolution: Fixed
> security - ui - add click jacking defence
> -----------------------------------------
>
> Key: AIRFLOW-6353
> URL: https://issues.apache.org/jira/browse/AIRFLOW-6353
> Project: Apache Airflow
> Issue Type: Bug
> Components: security, ui
> Affects Versions: 1.10.3
> Reporter: t oo
> Assignee: t oo
> Priority: Major
> Fix For: 2.0.0
>
>
> www/app.py Add Click jacking defence
>
> Fix:
> at the end of
> def create_app(config=None, testing=False):
> @app.after_request
> def apply_caching(response):
> response.headers["X-Frame-Options"] = "DENY"
> return response
--
This message was sent by Atlassian Jira
(v8.3.4#803005)