Code Review / apex-tripleo-heat-templates.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 1e11997) | patch
Manage disallow_iframe_embed
authorLuke Hinds <lhinds@redhat.com>
Fri, 9 Dec 2016 11:41:19 +0000 (11:41 +0000)
committerLuke Hinds <lhinds@redhat.com>
Tue, 13 Dec 2016 06:52:43 +0000 (06:52 +0000)
commit0146b6be0d2f1710c7884a39fd60a2124394fc56
treecae58c254b843f8bfcab8e39c16b15db8d4cd191tree | snapshot
parent1e11997e76a0d4dfba7909ad242882ef91967b4ecommit | diff
Manage disallow_iframe_embed

disallow_iframe_embed can be used to prevent Horizon from being
embedded within an iframe. Legacy browsers are still vulnerable
to a Cross-Frame Scripting (XFS) vulnerability, so this option
allows extra security hardening where iframes are not used in
deployment

Change-Id: I2fe6b243250608b340ee555062060dbdad1a49c4
Depends-On: I5c540e552efe738bdec8598f9257fa22ae651a76
Closes-Bug: #1641882
puppet/services/horizon.yaml diff | blob | history