Always set content-type & nosniff #72535
/test pull-kubernetes-e2e-kops-aws
one question on the dot graph, @deads2k might know, lgtm otherwise
/cc @logicalhan
FYI, we can hopefully use this change here (#72589).
ping @deads2k for the dot graph question. Can we get this merged?
Er, sorry, I realized this needs to be sync'd up with #72589
Actually, on close inspection, does reusing that make sense in all these cases? Is it ok to depend on k8s.io/apiserver from the scheduler, kube-proxy, and controller manager?
/unassign
one nit, then lgtm
@tallclair Are you still working on this PR?
3975f8e to ef6cba0
Yeah, sorry. Resolved the last comment.
Good question. I can't think of a good universal approach. Suggestions welcome.
/priority backlog
Don't know why @liggitt 's
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: liggitt, tallclair
The full list of commands accepted by this bot can be found here. The pull request process is described here
What type of PR is this?
/kind bug
What this PR does / why we need it:
HTTP responses should always set a content-type header, and `nosniff` option to prevent certain types of XSS or mime attacks. Follow-up to #72520 to fix a few more cases.
Does this PR introduce a user-facing change?:
/assign @dims
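The behaviour the description targets, as an added example (not code from this PR or from Kubernetes): a Go handler that sets no headers gets its Content-Type guessed from the body by `net/http`, and a wrapper that sets an explicit type plus `X-Content-Type-Options: nosniff` removes the guess. `WithNosniff`, `typedWriter`, `bare`, `hardened` and `headersFor` are hypothetical names, and the request is constructed.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// typedWriter sets an explicit Content-Type before anything is written,
// so net/http never guesses one from the body.
type typedWriter struct{ http.ResponseWriter }

func (w typedWriter) ensureType() {
	if w.Header().Get("Content-Type") == "" {
		w.Header().Set("Content-Type", "text/plain; charset=utf-8")
	}
}
func (w typedWriter) WriteHeader(code int) {
	w.ensureType()
	w.ResponseWriter.WriteHeader(code)
}
func (w typedWriter) Write(b []byte) (int, error) {
	w.ensureType()
	return w.ResponseWriter.Write(b)
}

// WithNosniff (hypothetical helper) hardens every response written by next.
func WithNosniff(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("X-Content-Type-Options", "nosniff")
		next.ServeHTTP(typedWriter{w}, r)
	})
}

// bare is a constructed handler that reflects input and sets no headers.
var bare http.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	fmt.Fprint(w, r.URL.Query().Get("name"))
})
var hardened = WithNosniff(bare)

// headersFor serves one constructed GET and returns Content-Type and nosniff.
func headersFor(h http.Handler, target string) (string, string) {
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(http.MethodGet, target, nil))
	hdr := rec.Result().Header
	return hdr.Get("Content-Type"), hdr.Get("X-Content-Type-Options")
}

func main() {
	fmt.Println(headersFor(bare, "/x?name=%3Chtml%3Ehi"))
	fmt.Println(headersFor(hardened, "/x?name=%3Chtml%3Ehi"))
}
```

Embedding `http.ResponseWriter` hides optional interfaces such as `http.Flusher` and `http.Hijacker`, so handlers that stream or upgrade connections need those forwarded explicitly.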