Обсуждение: pgAdmin 4 commit: Added following security enhancements:

Поиск
Список
Период
Сортировка

pgAdmin 4 commit: Added following security enhancements:

От
Akshay Joshi
Дата:
Added following security enhancements:
  1) Added ALLOWED_HOSTS list to limit the host address.
  2) Added CSP and HSTS security header.
  3) Hide the webserver/ development framework version.

Fixes #5919

Branch
------
master

Details
-------
https://git.postgresql.org/gitweb?p=pgadmin4.git;a=commitdiff;h=08c4deba5a4aa781db2c78839eb03f6bccf60a30
Author: Ganesh Jaybhay <ganesh.jaybhay@enterprisedb.com>

Modified Files
--------------
Dockerfile                            |  4 ++-
docs/en_US/release_notes_4_28.rst     |  1 +
pkg/docker/entrypoint.sh              |  4 +--
pkg/docker/gunicorn_config.py         |  2 ++
requirements.txt                      |  1 +
web/config.py                         | 49 ++++++++++++++++++++++++++++++++++-
web/pgadmin/__init__.py               | 45 +++++++++++++++++++++++++++-----
web/pgadmin/browser/__init__.py       |  3 +++
web/pgadmin/preferences/__init__.py   |  3 +++
web/pgadmin/utils/security_headers.py | 41 +++++++++++++++++++++++++++++
web/pgadmin/utils/session.py          |  6 ++++-
11 files changed, 148 insertions(+), 11 deletions(-)