Add HSTS
header to healthz
endpoint response
#825
Labels
area/robustness
Robustness, reliability, resilience related
kind/enhancement
Enhancement, improvement, extension
lifecycle/rotten
Nobody worked on this for 12 months (final aging stage)
priority/4
Priority (lower number equals higher priority)
How to categorize this issue?
/area robustness
/kind enhancement
/priority 4
What would you like to be added:
Add HSTS header to the HTTP response from the health endpoint of mcm. Refer etcd-backup-restore for an example.
Why is this needed:
The HSTS header is absent from the HTTP response from the health endpoint, making it vulnerable to man-in-the-middle attacks.
The text was updated successfully, but these errors were encountered: