Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FISH-7044: preventing the addition of multiple HSTS header for response #6366

Merged

Conversation

breakponchito
Copy link
Contributor

@breakponchito breakponchito commented Aug 17, 2023

Adding fix to prevent multiple security headers of Strict-Transport-Security on the response

Description

This is a fix for the following reported bug: #6178

Important Info

Blockers

Testing

New tests

Testing Performed

Manual testing with the reproducer included on the ticket: https://payara.atlassian.net/browse/FISH-7044
Now the request is working fine adding just one occurrence of the security header on the response:
`
8m2pcqb77qu6lh5pl7v35pgyhauot2ntazall9f4idjs5lypnu5u83k6tf165ijyl64r0nf8mm1kexkclstpr13xgtmidw25pjv6yx6w2qyvm6jxu2vduxtj1mxsfralqbs4hss1ka6cpxdejq1nxly97p81zcqhpg22952l4rt6pk30qkm6f96ob7h33iines80f2bj6ziwwlimewj2az7rsoiae1nwskyyde4uh9l1xebng8e0vyr68pg3kc8l8067cjqy6lblvuk2xc5oiw01lasqnzi9vmrokal7scnik13x8xyuv1r54btm7mdxt97pu0xydhj2ahrrsnqgqx1ydsm41wyyh7de01zy0ktufu6okdouzkk2hnz94ywbjywsb7smwz2dffirm4nn36ah3nggvftwt8is6xl7xk8mj2phe0gl8gro4zz0xlrafub3aqom7xoen29rkevcsdgtm6cyegityc6qnoxqowoum69bnhwi1d9xjn5p9l6ax683kjah7988nlr4t1mhrw9sgce3vbn571xry92w1hfdlqct5atwfmyplkxvnx5s4lv5mww910mkj8ojykm634wm2jnfqrfvku6vpuky0oxchxpjl3napjy40hdkfk24nz52dr6vumh4ys7eu05ozbd3rv15dvld3glmkox0w8< HTTP/2 200

< strict-transport-security: max-age=31536000
< content-type: text/plain
`

Testing Environment

Windows 11, Azul jdk 11, maven 3.8.3

Documentation

Notes for Reviewers

@breakponchito breakponchito added the PR: DO NOT MERGE Don't merge PR until further notice label Aug 17, 2023
@breakponchito
Copy link
Contributor Author

Jenkins test please

2 similar comments
@breakponchito
Copy link
Contributor Author

Jenkins test please

@breakponchito
Copy link
Contributor Author

Jenkins test please

@breakponchito breakponchito removed the PR: DO NOT MERGE Don't merge PR until further notice label Aug 18, 2023
@breakponchito
Copy link
Contributor Author

Jenkins test please

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants