openstack-ansible-os_keystone/releasenotes
Matthew Thode bb64d2bd43 Add security headers to web accessible services.
Adds the following headers as static:

    X-Content-Type-Options "nosniff"
    X-XSS-Protection "1; mode=block"
    append Content-Security-Policy "default-src 'self' https: wss:;"

nosniff prevents non-executable MIME types from becoming executable.
The X-XSS-Protection header will prevent the loading of a page if the
browser detects an XSS attack. The Content-Security-Policy declares
what dynamic resources are allowed to load.

Adds the following header as user-settable via the
keystone_x_frame_options variable.

    X-Frame-Options "DENY"

By default the X-Frame-Options header denies embedding in an iframe.

Change-Id: Iadd3e93bdb7e9d41ae1d027196367448dbce19f1
Partial-Bug: 1717321
(cherry picked from commit 81a28142a0)
2017-10-30 02:20:36 +00:00
notes Add security headers to web accessible services. 2017-10-30 02:20:36 +00:00
source Fix openstackdocstheme settings 2017-07-03 16:18:03 +08:00