Uploaded image for project: 'Camunda Optimize'
  1. Camunda Optimize
  2. OPT-6724

Increase default HSTS header max age to 2 years

    XMLWordPrintable

Details

    • Task
    • Resolution: Fixed
    • L3 - Default
    • 3.10.0-alpha4, 3.9.4
    • None
    • backend
    • None
    • Not defined

    Description

      As per INFOSEC-67, we should increase the default max age to 2 years rather than the existing one year. This is in line with recommended values.

      ATs:

      • The default value is set to 2 years in our config
      • The value can be overridden via environment variable
      • Our documentation is updated to reflect the change

      Testing notes:

      • The setting can be configured with env var: 

      CAMUNDA_OPTIMIZE_SECURITY_RESPONSE_HEADERS_HSTS_MAX_AGE

      mgm-controller-panel

        This is the controller panel for Smart Panels app

        Attachments

          Activity

            People

              Unassigned Unassigned
              joshua.windels Joshua Windels
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Salesforce