You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2020/06/18 00:16:00 UTC

[jira] [Commented] (NIFI-6094) Add X-Content-Type-Options header

    [ https://issues.apache.org/jira/browse/NIFI-6094?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17138911#comment-17138911 ] 

ASF subversion and git services commented on NIFI-6094:
-------------------------------------------------------

Commit 27b5bb7a209bdf12eb14e653d9d4c42f444018be in nifi's branch refs/heads/master from thenatog
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=27b5bb7 ]

NIFI-6094 - Added the X-Content-Type-Options header to all web responses. (#4307)

NIFI-6094 - Added the mime/content type for ttf files.

> Add X-Content-Type-Options header
> ---------------------------------
>
>                 Key: NIFI-6094
>                 URL: https://issues.apache.org/jira/browse/NIFI-6094
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Security
>            Reporter: Nathan Gough
>            Priority: Major
>              Labels: http-headers, security
>          Time Spent: 50m
>  Remaining Estimate: 0h
>
> The X-Content-Type-Options header should be added to all HTTP responses to improve security. In order for this to work correctly, all NiFi resources must accurately specify their respective *Content-Type*. This requires some work, as I do not believe this is currently the case for all of our resources.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)