You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by "Jarek Potiuk (Jira)" <ji...@apache.org> on 2020/01/03 15:27:00 UTC

[jira] [Resolved] (AIRFLOW-6353) security - ui - add click jacking defence

     [ https://issues.apache.org/jira/browse/AIRFLOW-6353?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jarek Potiuk resolved AIRFLOW-6353.
-----------------------------------
    Fix Version/s: 2.0.0
       Resolution: Fixed

> security - ui - add click jacking defence
> -----------------------------------------
>
>                 Key: AIRFLOW-6353
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-6353
>             Project: Apache Airflow
>          Issue Type: Bug
>          Components: security, ui
>    Affects Versions: 1.10.3
>            Reporter: t oo
>            Assignee: t oo
>            Priority: Major
>             Fix For: 2.0.0
>
>
> www/app.py Add Click jacking defence
>  
> Fix:
> at the end of     
> def create_app(config=None, testing=False):
> @app.after_request
> def apply_caching(response):
> response.headers["X-Frame-Options"] = "DENY"
> return response



--
This message was sent by Atlassian Jira
(v8.3.4#803005)