Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-26789

Automatically add default security headers to http/rest if SSL enabled

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.0.6, 2.1.10, 2.2.7, 3.0.0-alpha-2
    • 2.5.0, 3.0.0-alpha-3, 2.4.11
    • REST, UI
    • None

    Description

      In the previous ticket https://issues.apache.org/jira/browse/HBASE-23303 we implemented these security headers as optional which had to explicitly enabled in the config.

      With this change the headers will automatically be added with meaningful default values if SSL is enabled.

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. HBASE-23303 Add security headers to REST server/info page

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HBASE-27118 Add security headers to Thrift/HTTP server

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link GitHub Pull Request #4128

          Activity

            People

              andor Andor Molnar
              andor Andor Molnar
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: