Adds HTTP Security Headers

Adds HTTP security headers to Shipyard API handling Change-Id: Ia68d2364d40c0a1e528f0f27d1ce999981a0b5bf
2019-01-03 14:55:39 -05:00 · 2019-01-03 14:55:39 -05:00 · 1f76ba1f1c
commit 1f76ba1f1c
parent 6bd02eea84
1 changed files with 2 additions and 0 deletions
--- a/charts/shipyard/values.yaml
+++ b/charts/shipyard/values.yaml
@ -65,6 +65,8 @@ network:
        nginx.ingress.kubernetes.io/proxy-body-size: "10m"
        nginx.ingress.kubernetes.io/configuration-snippet: |
          more_clear_headers "Server";
+          more_set_headers "X-Content-Type-Options: 'nosniff'";
+          more_set_headers "X-Frame-Options: 'deny'";
    node_port: 31901
    enable_node_port: false
  airflow: