[NIFI-5545] Add an Origin/Referer header Jetty filter - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Invalid
Affects Version/s: None
Fix Version/s: None
Component/s: Security
Labels:
- filter
- jetty

Description

Create a new Jetty filter that allows a NiFi administrator to enable Origin/Referer HTTP header filtering.

If the source origin header does not match the target origin, check the referer header.
If the referer header does not match the target origin, deny the request.
The filter should enabled or disabled using a property in the NiFiProperties configuration file.
The filter will only be required when NiFi is configured to use HTTPS.

Attachments

Activity

People

Assignee:: Nathan Gough

Reporter:: Nathan Gough

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 21/Aug/18 18:26

Updated:: 14/Sep/18 01:08

Resolved:: 14/Sep/18 01:08