Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prevent Clickjacking by default in 3.0.0 #6215

Open
tianleh opened this issue Mar 19, 2024 · 0 comments
Open

Prevent Clickjacking by default in 3.0.0 #6215

tianleh opened this issue Mar 19, 2024 · 0 comments
Assignees

Comments

@tianleh
Copy link
Member

tianleh commented Mar 19, 2024

This issue is a follow up of the comment #5639 (comment) where we will enable Clickjacking mitigation by default for 3.0.0.

Specifically, we will need to default the following two plugins to enabled.

# Set the value of this setting to true to enable plugin application config. By default it is disabled.
# application_config.enabled: false

# Set the value of this setting to true to enable plugin CSP handler. By default it is disabled.
# It requires the application config plugin as its dependency.
# csp_handler.enabled: false

@tianleh tianleh self-assigned this Mar 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants