Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-5968

Add standard HTTP security headers

    XMLWordPrintableJSON

    Details

      Description

      Some HTTP security headers could be added to improve NiFi security stance.

      These include: Strict-Transport-Security (HSTS), X-XSS-Protection, and Content-Security-Policy.

       

      Relates/duplicates to NIFI-2437

        Attachments

          Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. NIFI-2437 Enforce HSTS to require HTTPS connections if available

          • Major - Major loss of function.
          • Open
          links to

          Web Link GitHub Pull Request #3273

            Activity

              People

              • Assignee:
                thenatog Nathan Gough
                Reporter:
                thenatog Nathan Gough
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 4h 40m
                  4h 40m