Add Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy security headers
#9385
Assignees
Labels
Milestone
Comments
eddumelendez
added
status: waiting-for-triage
marcusdacoregio
removed
the
status: waiting-for-triage
marcusdacoregio
added a commit
to marcusdacoregio/spring-security
that referenced
this issue
Dec 7, 2021
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers Closes spring-projectsgh-9385, spring-projectsgh-10118
|
Closed via #10141 |
eleftherias
added a commit
that referenced
this issue
Dec 8, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Expected Behavior
Allow to add
Cross-Origin-Opener-PolicyandCross-Origin-Embedder-Policyheaders via dsl and xml.https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy
Current Behavior
This currently can be provided by https://docs.spring.io/spring-security/site/docs/5.5.x/reference/html5/#headers-custom
Context
Given the values provided by those headers, it would great to provide them explicitly.
I can provide a PR for this in the next weeks if adding them make sense.
The text was updated successfully, but these errors were encountered: