knox-commits mailing list archives

From pzamp...@apache.org
Subject svn commit: r1831861 - in /knox: site/ site/books/knox-1-1-0/ trunk/books/1.1.0/
Date Fri, 18 May 2018 13:51:47 GMT
Author: pzampino
Date: Fri May 18 13:51:47 2018
New Revision: 1831861

URL: http://svn.apache.org/viewvc?rev=1831861&view=rev
Log:
Updated WebAppSec provider

Modified:
    knox/site/books/knox-1-1-0/user-guide.html
    knox/site/index.html
    knox/site/issue-tracking.html
    knox/site/license.html
    knox/site/mail-lists.html
    knox/site/project-info.html
    knox/site/team-list.html
    knox/trunk/books/1.1.0/book.md
    knox/trunk/books/1.1.0/config_webappsec_provider.md

Modified: knox/site/books/knox-1-1-0/user-guide.html
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/user-guide.html?rev=1831861&r1=1831860&r2=1831861&view=diff
==============================================================================
--- knox/site/books/knox-1-1-0/user-guide.html (original)
+++ knox/site/books/knox-1-1-0/user-guide.html Fri May 18 13:51:47 2018
@@ -82,6 +82,7 @@
     <li><a href="#CSRF">CSRF</a></li>
     <li><a href="#CORS">CORS</a></li>
     <li><a href="#X-Frame-Options">X-Frame-Options</a></li>
+    <li><a href="#X-Content-Type-Options">X-Content-Type-Options</a></li>
     <li><a href="#HTTP+Strict-Transport-Security+-+HSTS">HTTP Strict-Transport-Security
- HSTS</a></li>
   </ul></li>
   <li><a href="#Websocket+Support">Websocket Support</a></li>
@@ -3249,7 +3250,7 @@ APACHE_HOME/bin/apachectl -k stop
     &lt;param&gt;&lt;name&gt;csrf.customHeader&lt;/name&gt;&lt;value&gt;X-XSRF-Header&lt;/value&gt;&lt;/param&gt;
     &lt;param&gt;&lt;name&gt;csrf.methodsToIgnore&lt;/name&gt;&lt;value&gt;GET,OPTIONS,HEAD&lt;/value&gt;&lt;/param&gt;
     &lt;param&gt;&lt;name&gt;cors.enabled&lt;/name&gt;&lt;value&gt;true&lt;/value&gt;&lt;/param&gt;
-    &lt;param&gt;&lt;name&gt;xframe-options.enabled&lt;/name&gt;&lt;value&gt;true&lt;/value&gt;&lt;/param&gt;
+    &lt;param&gt;&lt;name&gt;xframe.options.enabled&lt;/name&gt;&lt;value&gt;true&lt;/value&gt;&lt;/param&gt;
     &lt;param&gt;&lt;name&gt;strict.transport.enabled&lt;/name&gt;&lt;value&gt;true&lt;/value&gt;&lt;/param&gt;
 &lt;/provider&gt;
 </code></pre><h4><a id="Descriptions">Descriptions</a> <a
href="#Descriptions"><img src="markbook-section-link.png"/></a></h4><p>The
following tables describes the configuration options for the web app security provider:</p><h5><a
id="CSRF">CSRF</a> <a href="#CSRF"><img src="markbook-section-link.png"/></a></h5><h6><a
id="Config">Config</a> <a href="#Config"><img src="markbook-section-link.png"/></a></h6>
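Review bot: The sample provider block in this hunk gets the renamed `xframe.options.enabled` param but still has no entry for the header this commit documents. Consider adding an `xcontent-type.options.enabled` param set to `true` after the `strict.transport.enabled` line, since the new table lists its default as false and a reader copying the sample would otherwise not get the header. While touching this region, "The following tables describes" in the context line should read "The following tables describe".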
@@ -3352,16 +3353,37 @@ APACHE_HOME/bin/apachectl -k stop
   </thead>
   <tbody>
     <tr>
-      <td>xframe-options.enabled </td>
+      <td>xframe.options.enabled </td>
       <td>This param enables the X-Frame-Options capabilities</td>
       <td>false</td>
     </tr>
     <tr>
-      <td>xframe-options.value </td>
+      <td>xframe.options </td>
       <td>This param specifies a particular value for the X-Frame-Options header. Most
often the default value of DENY will be most appropriate. You can also use SAMEORIGIN or ALLOW-FROM
uri</td>
       <td>DENY</td>
     </tr>
   </tbody>
+</table><h5><a id="X-Content-Type-Options">X-Content-Type-Options</a>
<a href="#X-Content-Type-Options"><img src="markbook-section-link.png"/></a></h5><p>Browser
MIME content type sniffing can be exploited for malicious purposes. Adding the X-Content-Type-Options
HTTP header to responses directs the browser to honor the type specified in the Content-Type
header, rather than trying to determine the type from the content itself. Most modern browsers
support this.</p><h6><a id="Config">Config</a> <a href="#Config"><img
src="markbook-section-link.png"/></a></h6>
+<table>
+  <thead>
+    <tr>
+      <th>Name </th>
+      <th>Description </th>
+      <th>Default</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td>xcontent-type.options.enabled </td>
+      <td>This param enables the X-Content-Type-Options header inclusion</td>
+      <td>false</td>
+    </tr>
+    <tr>
+      <td>xcontent-type.options </td>
+      <td>This param specifies a particular value for the X-Content-Type-Options header.
The default value is really the only meaningful value</td>
+      <td>nosniff</td>
+    </tr>
+  </tbody>
 </table><h5><a id="HTTP+Strict+Transport+Security">HTTP Strict Transport
Security</a> <a href="#HTTP+Strict+Transport+Security"><img src="markbook-section-link.png"/></a></h5><p>Web
applications can be protected by protocol downgrade attacks and cookie hijacking by adding
HTTP Strict Transport Security response header.</p><h6><a id="Config">Config</a>
<a href="#Config"><img src="markbook-section-link.png"/></a></h6>
 <table>
   <thead>
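Review bot: The added X-Content-Type-Options section introduces another `<h6><a id="Config">` heading, and the HSTS section in the trailing context uses the same id, so a `#Config` link can only resolve to the first such heading on the page. Since this file is generated, the fix belongs in the source headings or the generator: give each Config subsection a section-qualified anchor so the per-header tables can be linked to directly.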

Modified: knox/site/index.html
URL: http://svn.apache.org/viewvc/knox/site/index.html?rev=1831861&r1=1831860&r2=1831861&view=diff
==============================================================================
--- knox/site/index.html (original)
+++ knox/site/index.html Fri May 18 13:51:47 2018
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2018-04-20
+ | Generated by Apache Maven Doxia at 2018-05-18
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20180420" />
+    <meta name="Date-Revision-yyyymmdd" content="20180518" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Announcing Apache Knox 1.0.0!</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2018-04-20</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2018-05-18</li>

             
                             </ul>
       </div>
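Review bot: Both hunks in index.html change nothing except the generation date (the Doxia comment, the `Date-Revision-yyyymmdd` meta and the `publishDate` item), and the other regenerated site pages in this commit show the same pattern. For a documentation change like this one, consider committing only the regenerated user-guide.html, so the substantive diff is not buried under timestamp-only changes.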

Modified: knox/site/issue-tracking.html
URL: http://svn.apache.org/viewvc/knox/site/issue-tracking.html?rev=1831861&r1=1831860&r2=1831861&view=diff
==============================================================================
--- knox/site/issue-tracking.html (original)
+++ knox/site/issue-tracking.html Fri May 18 13:51:47 2018
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2018-04-20
+ | Generated by Apache Maven Doxia at 2018-05-18
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20180420" />
+    <meta name="Date-Revision-yyyymmdd" content="20180518" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Issue Tracking</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2018-04-20</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2018-05-18</li>

             
                             </ul>
       </div>

Modified: knox/site/license.html
URL: http://svn.apache.org/viewvc/knox/site/license.html?rev=1831861&r1=1831860&r2=1831861&view=diff
==============================================================================
--- knox/site/license.html (original)
+++ knox/site/license.html Fri May 18 13:51:47 2018
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2018-04-20
+ | Generated by Apache Maven Doxia at 2018-05-18
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20180420" />
+    <meta name="Date-Revision-yyyymmdd" content="20180518" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Project License</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2018-04-20</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2018-05-18</li>

             
                             </ul>
       </div>

Modified: knox/site/mail-lists.html
URL: http://svn.apache.org/viewvc/knox/site/mail-lists.html?rev=1831861&r1=1831860&r2=1831861&view=diff
==============================================================================
--- knox/site/mail-lists.html (original)
+++ knox/site/mail-lists.html Fri May 18 13:51:47 2018
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2018-04-20
+ | Generated by Apache Maven Doxia at 2018-05-18
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20180420" />
+    <meta name="Date-Revision-yyyymmdd" content="20180518" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Project Mailing Lists</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2018-04-20</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2018-05-18</li>

             
                             </ul>
       </div>

Modified: knox/site/project-info.html
URL: http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1831861&r1=1831860&r2=1831861&view=diff
==============================================================================
--- knox/site/project-info.html (original)
+++ knox/site/project-info.html Fri May 18 13:51:47 2018
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2018-04-20
+ | Generated by Apache Maven Doxia at 2018-05-18
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20180420" />
+    <meta name="Date-Revision-yyyymmdd" content="20180518" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Project Information</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2018-04-20</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2018-05-18</li>

             
                             </ul>
       </div>

Modified: knox/site/team-list.html
URL: http://svn.apache.org/viewvc/knox/site/team-list.html?rev=1831861&r1=1831860&r2=1831861&view=diff
==============================================================================
--- knox/site/team-list.html (original)
+++ knox/site/team-list.html Fri May 18 13:51:47 2018
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2018-04-20
+ | Generated by Apache Maven Doxia at 2018-05-18
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20180420" />
+    <meta name="Date-Revision-yyyymmdd" content="20180518" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Team list</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2018-04-20</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2018-05-18</li>

             
                             </ul>
       </div>

Modified: knox/trunk/books/1.1.0/book.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/1.1.0/book.md?rev=1831861&r1=1831860&r2=1831861&view=diff
==============================================================================
--- knox/trunk/books/1.1.0/book.md (original)
+++ knox/trunk/books/1.1.0/book.md Fri May 18 13:51:47 2018
@@ -79,6 +79,7 @@
     * #[CSRF]
     * #[CORS]
     * #[X-Frame-Options]
+    * #[X-Content-Type-Options]
     * #[HTTP Strict-Transport-Security - HSTS]
 * #[Websocket Support]
 * #[Audit]
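Review bot: The new `#[X-Content-Type-Options]` entry matches its section heading, but the neighbouring entry `#[HTTP Strict-Transport-Security - HSTS]` in the context does not match the heading `##### HTTP Strict Transport Security` in config_webappsec_provider.md. The generated user-guide.html in this same commit shows the result: the contents link points at `#HTTP+Strict-Transport-Security+-+HSTS` while the heading id is `HTTP+Strict+Transport+Security`. Since this list is being edited anyway, align that entry with the heading text so the link lands.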

Modified: knox/trunk/books/1.1.0/config_webappsec_provider.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/1.1.0/config_webappsec_provider.md?rev=1831861&r1=1831860&r2=1831861&view=diff
==============================================================================
--- knox/trunk/books/1.1.0/config_webappsec_provider.md (original)
+++ knox/trunk/books/1.1.0/config_webappsec_provider.md Fri May 18 13:51:47 2018
@@ -54,7 +54,7 @@ Because of this one-to-many provider/fil
         <param><name>csrf.customHeader</name><value>X-XSRF-Header</value></param>
         <param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
         <param><name>cors.enabled</name><value>true</value></param>
-        <param><name>xframe-options.enabled</name><value>true</value></param>
+        <param><name>xframe.options.enabled</name><value>true</value></param>
         <param><name>strict.transport.enabled</name><value>true</value></param>
     </provider>
 
@@ -105,8 +105,19 @@ Cross Frame Scripting and Clickjacking a
 
 Name                         | Description | Default
 -----------------------------|-------------|---------
-xframe-options.enabled                 | This param enables the X-Frame-Options capabilities|false
-xframe-options.value                 | This param specifies a particular value for the X-Frame-Options
header. Most often the default value of DENY will be most appropriate. You can also use SAMEORIGIN
or ALLOW-FROM uri|DENY
+xframe.options.enabled                 | This param enables the X-Frame-Options capabilities|false
+xframe.options                 | This param specifies a particular value for the X-Frame-Options
header. Most often the default value of DENY will be most appropriate. You can also use SAMEORIGIN
or ALLOW-FROM uri|DENY
+
+##### X-Content-Type-Options
+
+Browser MIME content type sniffing can be exploited for malicious purposes. Adding the X-Content-Type-Options
HTTP header to responses directs the browser to honor the type specified in the Content-Type
header, rather than trying to determine the type from the content itself. Most modern browsers
support this.
+
+###### Config
+
+Name                         | Description | Default
+-----------------------------|-------------|---------
+xcontent-type.options.enabled                 | This param enables the X-Content-Type-Options
header inclusion|false
+xcontent-type.options                | This param specifies a particular value for the X-Content-Type-Options
header. The default value is really the only meaningful value|nosniff
 
 ##### HTTP Strict Transport Security
 
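Review bot: The table rows rename `xframe-options.enabled` to `xframe.options.enabled` and `xframe-options.value` to `xframe.options` without saying whether the old names are still accepted. Because the documented default for the enabled flag is false, a topology written from the previous text would lose the X-Frame-Options header with no visible error if the old names are not honored, so add a sentence stating which names the provider reads and from which release. The new params also use a different pattern (`xcontent-type.options` with a hyphen, next to `xframe.options` and `strict.transport.enabled`), which is worth a note so readers do not guess at spellings. Finally, "The default value is really the only meaningful value" would be clearer as a plain statement that `nosniff` is the only value defined for this header.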


