Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-6305

REST-API shouid send the Strict-Transport-Security header if HTTPS is used

    XMLWordPrintable

Details

    • Bug
    • Status: In Review (View Workflow)
    • Minor
    • Resolution: Unresolved
    • 23.02, 23.08.13, 24.02.9, 25.01.6, 25.10.1
    • 23.02, 23.08, 24.02, 25.01, 25.10
    • REST-API
    • None

    Description

      The Strict-Transport-Security header tells the browser to not access the page without HTTPS later on if it's accessed with HTTPS. It'll cause requests to automatically be upgraded to HTTPS if they're done with HTTP. MaxScale should send this in the REST-API responses as well as when serving the GUI files if HTTPS is being used.

      Attachments

        Activity

          People

            markus makela markus makela
            markus makela markus makela
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.