[SLING-2870] Support allowed hosts patterns in ReferrerFilter - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: Security 1.0.2
Fix Version/s: Security 1.0.6
Component/s: Extensions
Labels:
None

Description

The current "allow.hosts" setting of the ReferrerFilter can be configured with a list of trusted hosts.
In a setup where the list of allowed hosts is expending as the application runs, it becomes tricky to keep the configuration in sync.
As an example, a service which supports wilcard uris such as <userId>.my.service.com would be required to modify the reference filter configuration for each user which is hardly doable.

Thus, I would propose to support regex patterns for the list of "allow.hosts". which would still be secure.

The example above would be configured as: allow.hosts=(.*).my.service.com

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SLING-2870.patch
16/May/13 14:49
13 kB
Timothee Maret
SLING-2870.patch
15/May/13 11:44
10 kB
Timothee Maret

Activity

People

Assignee:: Carsten Ziegeler

Reporter:: Timothee Maret

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 13/May/13 19:20

Updated:: 22/Dec/15 13:51

Resolved:: 22/May/13 09:02