Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-2437

Enforce HSTS to require HTTPS connections if available

    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.0.0
    • Fix Version/s: None
    • Component/s: Core Framework
    • Labels:

      Description

      HTTP Strict Transport Security (HSTS) [1] [2] is a feature of HTTP which instructs browsers/clients to only communicate with a resource over HTTPS. It is implemented via a header sent in the response and future connections will require HTTPS.

      [1] https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
      [2] https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet

        Attachments

        1. Screen Shot 2016-10-28 at 7.45.01 PM.png
          440 kB
          Andy LoPresto
        2. Screen Shot 2016-10-28 at 7.45.53 PM.png
          641 kB
          Andy LoPresto
        3. Screen Shot 2016-10-28 at 7.46.37 PM.png
          624 kB
          Andy LoPresto
        4. Screen Shot 2016-10-28 at 7.46.46 PM.png
          559 kB
          Andy LoPresto
        5. Screen Shot 2016-10-28 at 7.47.00 PM.png
          300 kB
          Andy LoPresto
        6. Screen Shot 2016-10-28 at 7.50.04 PM.png
          531 kB
          Andy LoPresto
        7. Screen Shot 2016-10-28 at 7.51.07 PM.png
          452 kB
          Andy LoPresto
        8. Screen Shot 2016-10-28 at 7.51.47 PM.png
          413 kB
          Andy LoPresto
        9. Screen Shot 2016-10-28 at 7.53.51 PM.png
          465 kB
          Andy LoPresto
        10. Screen Shot 2016-10-28 at 7.54.30 PM.png
          224 kB
          Andy LoPresto

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                alopresto Andy LoPresto
              • Votes:
                1 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: