OpenStack Dashboard Charm

  1. Bug #1713202
  2. Comment #6

Comment 6 for bug 1713202

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to charm-openstack-dashboard (master)

Reviewed: https://review.openstack.org/511898
Committed: https://git.openstack.org/cgit/openstack/charm-openstack-dashboard/commit/?id=1d45c57fd27b1049e5663b6814ded08a52cbf3a4
Submitter: Zuul
Branch: master

commit 1d45c57fd27b1049e5663b6814ded08a52cbf3a4
Author: Nobuto Murata <email address hidden>
Date: Fri Oct 13 10:53:09 2017 -0400

    Allow to configure max-age for HSTS(HTTP Strict Transport Security)

    HSTS is helpful to bring more protection to users, but on the other
    hand, it locks down users to use HTTPS only until max-age expires. To
    enable HSTS, admins must enable enforce-ssl option and set non-zero
    value to hsts-max-age-seconds explicitly.

    Content Security Policy (CSP) is not enabled this time. Horizon upstream
    may need some work: https://bugs.launchpad.net/horizon/+bug/1618024

    Change-Id: I7fd774ba9a1c292d51625d6d36a086b2a531ae75
    Partial-Bug: #1713202