openstack
/
openstack-ansible-os_keystone
Code Issues Proposed changes
openstack-ansible-os_keystone/releasenotes/notes
History
Matthew Thode bb64d2bd43 Add security headers to web accessable services. 
Adds the following headers as static:

    X-Content-Type-Options "nosniff"
    X-XSS-Protection "1; mode=block"
    append Content-Security-Policy "default-src 'self' https: wss:;"

nosniff prevents non-executable mime times from becoming executable.
The X-XSS-Protection header will prevent the loading of a page if the
browser detects an xss attack.  The Content-Security-Policy declares
what dynamic resources are allowed to load.

Adds the following header as user-setable via the
keystone_x_frame_options variable.

    X-Frame-Options "DENY"

By default the X-Frame-Options header denies embedding in an iframe.

Change-Id: Iadd3e93bdb7e9d41ae1d027196367448dbce19f1
Partial-Bug: 1717321
(cherry picked from commit 81a28142a0)
 		2017-10-30 02:20:36 +00:00
..
.placeholder Add reno scaffolding for release notes management 2016-04-09 19:20:42 +01:00
add-security-headers-e46c205b42b9598b.yaml Add security headers to web accessable services. 2017-10-30 02:20:36 +00:00
capping_keystone_workers-e284a47fc4dcea38.yaml Cap the number of worker threads 2017-02-23 05:15:53 -05:00
extra-headers-e54a672d3a78dd89.yaml Add extra headers for Keystone 2017-08-18 14:47:22 +00:00
keystone-endpoints-urls-679748dec6ee6dd7.yaml Bootstrap Keystone with versionless endpoints 2017-05-16 16:29:37 +02:00
keystone-init-config-overrides-1857d5e5bc5a905f.yaml Rename reno to avoid conflict on integrated repo 2017-04-11 12:08:51 +01:00
keystone-nginx-default-e9d91affd646f379.yaml Switch to using Nginx/uWSGI by default 2017-06-29 16:42:36 +00:00
keystone-upstream-config-files-d16f27fc1332ed83.yaml Source template files from git or deploy host 2017-04-04 09:51:09 +00:00
keystone_init_time_settings-62a1aab4bcfc9779.yaml Rename release note to unique hash 2017-04-28 11:39:09 +01:00
os-keystone-admin-token-auth-deprecation-24e84a18f8a56814.yaml Add note on admin_token_auth deprecation 2016-06-15 16:06:23 -07:00
os-keystone-apache-log-format-support-7232177f835222ee.yaml Add support for CustomLog format modification 2016-06-06 17:33:26 +06:00
os-keystone-apache-mpm-tunable-support-1c72f2f99cd502bc.yaml Add support to tune the keystone apache MPM settings 2016-05-04 11:50:06 -04:00
os-keystone-only-install-venv-b766568ee8d40354.yaml Only install to virtual environment 2016-07-06 18:42:09 -07:00
os-keystone-uwsgi-and-nginx-options-2157f8e40a7a8156.yaml Allow Uwsgi configuration overrides 2016-09-01 07:20:12 +01:00
os-keystone-zero-downtime-upgrade-5f19ab84183490b9.yaml Fix erroneous release note 2017-02-02 15:38:50 +00:00
os_keystone-centos7-support-0a5d97f81ac42e44.yaml Rename package lists (and related vars) appropriately 2016-08-30 20:05:21 +00:00
package-list-name-changes-007cacee4faf8ee6.yaml Rename package lists (and related vars) appropriately 2016-08-30 20:05:21 +00:00
package-state-711a1eb4814311cc.yaml Add ability to change apt/yum package state 2016-08-02 08:49:23 -05:00
primary-container-rebuild-a2f4d7f33d66c843.yaml Rebuild credential-key repo during keystone[0] rebuild 2017-03-04 02:46:39 +00:00
remove-requirements-git-bdf5691b8390ed7c.yaml Simplify pip options/constraints mechanism 2016-10-19 14:51:03 +00:00
remove_rpc_backend-187132a35223d295.yaml Deprecate rpc_backend option 2017-06-17 11:49:07 +00:00