[SOLR-7966] Solr Admin pages should set X-Frame-Options to DENY - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Trivial
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 5.4, 6.0
Component/s: None
Labels:
None

Description

Security scan software reported that Solr's admin interface is vulnerable to clickjacking, which is fixable with the X-Frame-Options HTTP header.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SOLR-7966.patch
25/Aug/15 22:06
3 kB
Yonik Seeley
SOLR-7966.patch
25/Aug/15 02:50
3 kB
Yonik Seeley

Activity

People

Assignee:: Yonik Seeley

Reporter:: Yonik Seeley

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 24/Aug/15 21:52

Updated:: 09/May/16 18:48

Resolved:: 28/Aug/15 20:45