bb64d2bd43
Adds the following headers as static:
X-Content-Type-Options "nosniff"
X-XSS-Protection "1; mode=block"
append Content-Security-Policy "default-src 'self' https: wss:;"
nosniff prevents non-executable mime times from becoming executable.
The X-XSS-Protection header will prevent the loading of a page if the
browser detects an xss attack. The Content-Security-Policy declares
what dynamic resources are allowed to load.
Adds the following header as user-setable via the
keystone_x_frame_options variable.
X-Frame-Options "DENY"
By default the X-Frame-Options header denies embedding in an iframe.
Change-Id: Iadd3e93bdb7e9d41ae1d027196367448dbce19f1
Partial-Bug: 1717321
(cherry picked from commit
|
||
---|---|---|
defaults | ||
doc | ||
examples | ||
handlers | ||
library | ||
meta | ||
releasenotes | ||
tasks | ||
templates | ||
tests | ||
vars | ||
zuul.d | ||
.gitignore | ||
.gitreview | ||
CONTRIBUTING.rst | ||
LICENSE | ||
README.rst | ||
Vagrantfile | ||
bindep.txt | ||
manual-test.rc | ||
run_tests.sh | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
README.rst
Team and repository tags
OpenStack-Ansible keystone
Ansible role that installs and configures OpenStack Keystone. Keystone is installed behind the Apache webserver listening on port 5000 and port 35357 by default.
Documentation for the project can be found at: https://docs.openstack.org/openstack-ansible-os_keystone/latest/ The project home is at: http://launchpad.net/openstack-ansible