-
Type:
Improvement
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 1.8.0
-
Fix Version/s: 1.9.0
-
Component/s: Core Framework
Some HTTP security headers could be added to improve NiFi security stance.
These include: Strict-Transport-Security (HSTS), X-XSS-Protection, and Content-Security-Policy.
Relates/duplicates to NIFI-2437
- relates to
-
NIFI-2437 Enforce HSTS to require HTTPS connections if available
-
- Open
-
- links to