
SOLR-15578 Add Support for HSTS Security Protocol

Open bszabo97 opened this issue 4 years ago • 1 comments

Change-Id: I5c87491bd875351e46774dc4ff5652deda6808c3

https://issues.apache.org/jira/browse/SOLR-15578

Description

Adding support for HSTS Security Protocol in jetty.xml.

Solution

I edited the jetty.xml to enable the HSTS protocol. This makes it so it is enabled by default with a max-age of 31536000.

Tests

I complemented the test SecurityHeadersTest with the HSTS header. This test right now awaits fixing because of the issue described in SOLR-14903, but I added this header for the record.

Checklist

Please review the following and check all that apply:

  • [x] I have reviewed the guidelines for How to Contribute and my code conforms to the standards described there to the best of my ability.
  • [x] I have created a Jira issue and added the issue ID to my pull request title.
  • [x] I have given Solr maintainers access to contribute to my PR branch. (optional but recommended)
  • [x] I have developed this patch against the main branch.
  • [x] I have run ./gradlew check.
  • [x] I have added tests for my changes.
  • [ ] I have added documentation for the Reference Guide

bszabo97 avatar Oct 07 '21 10:10 bszabo97

Should we be committing this PR before SOLR-14903 is fixed?

atris avatar Oct 07 '21 10:10 atris

@bszabo97 Can you modify this PR to make it opt-in, and without includeSubDomains? Also add some documentation in ref guide about its existence and how to enable it.

janhoy avatar Feb 21 '24 10:02 janhoy

Closing due to lack of interest

janhoy avatar Feb 24 '24 21:02 janhoy
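
The thread turns on two properties of the emitted `Strict-Transport-Security` header: the max-age of 31536000 and whether `includeSubDomains` is present. The following is an added example, not code from this pull request or from Solr: a parser for the header value following RFC 6797 section 6.1 and a check against those two points. The function names `parse_hsts` and `audit` and the sample headers are assumptions made for the illustration.

```python
import re

_DIGITS = re.compile(r"[0-9]+")

def parse_hsts(value):
    """Parse a Strict-Transport-Security value (RFC 6797, section 6.1)."""
    seen = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:                      # empty directives are permitted
            continue
        name, sep, arg = part.partition("=")
        name = name.strip().lower()       # directive names are case-insensitive
        if name in seen:                  # a directive may appear only once
            raise ValueError(f"duplicate directive: {name}")
        seen[name] = arg.strip().strip('"') if sep else None
    max_age = seen.get("max-age")
    if max_age is None or not _DIGITS.fullmatch(max_age):
        raise ValueError("max-age is required and must be an integer")
    if seen.get("includesubdomains") is not None:
        raise ValueError("includeSubDomains takes no value")
    return {"max_age": int(max_age),
            "include_subdomains": "includesubdomains" in seen}

def audit(headers, allow_subdomains=False, min_max_age=31536000):
    """Return findings for one HTTPS response's headers (a dict)."""
    values = [v for k, v in headers.items()
              if k.lower() == "strict-transport-security"]
    if not values:
        return ["HSTS header absent (policy not enabled)"]
    try:
        policy = parse_hsts(values[0])
    except ValueError as exc:
        return [f"invalid HSTS header: {exc}"]
    findings = []
    if policy["max_age"] == 0:
        findings.append("max-age=0 tells browsers to drop the policy")
    elif policy["max_age"] < min_max_age:
        findings.append(f"max-age {policy['max_age']} is below {min_max_age}")
    if policy["include_subdomains"] and not allow_subdomains:
        findings.append("includeSubDomains is set but not allowed here")
    return findings

if __name__ == "__main__":
    # Constructed sample headers, not captured from a real Solr instance.
    for sample in ({"Strict-Transport-Security": "max-age=31536000"},
                   {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"},
                   {"X-Content-Type-Options": "nosniff"}):
        print(sample, "->", audit(sample) or "ok")
```

Browsers ignore the header on plain-HTTP responses, so the headers passed to `audit` should come from a response served over HTTPS.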