New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent Clickjacking by default in 3.0.0 #6215

Open

tianleh opened this issue Mar 19, 2024 · 0 comments

Assignees

Member

tianleh commented Mar 19, 2024

This issue is a follow up of the comment #5639 (comment) where we will enable Clickjacking mitigation by default for 3.0.0.

Specifically, we will need to default the following two plugins to enabled.

# Set the value of this setting to true to enable plugin application config. By default it is disabled.
# application_config.enabled: false

# Set the value of this setting to true to enable plugin CSP handler. By default it is disabled.
# It requires the application config plugin as its dependency.
# csp_handler.enabled: false

The text was updated successfully, but these errors were encountered:

tianleh self-assigned this

github-actions bot added the untriaged label

AMoo-Miki removed the untriaged label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment