Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[LIVY-785] Enable adding security related HTTP headers #456

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

nileshrathi345
Copy link

@nileshrathi345 nileshrathi345 commented Sep 12, 2024

What changes were proposed in this pull request?

This change introduces a new configuration option livy.server.security-headers.enabled.
When this property is set to true, the following security headers are added to HTTP
responses by default:

  • X-XSS-Protection
  • X-Frame-Options
  • X-Content-Type-Options
  • Strict-Transport-Security
  • Content-Security-Policy

Also, adds content type information to all responses as required when using content type option nosniff

How was this patch tested?

Tested manually

@gyogal gyogal changed the title LIVY-785: Enabled adding security related HTTP headers [LIVY-785] Enable adding security related HTTP headers Nov 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant