[SLING-6937] Referrer Filter: Allow Regex User Agent Exclusions - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: Security 1.1.2
Fix Version/s: Security 1.1.4
Component/s: Extensions
Labels:
None

Description

For some cases it would be desirable to skip the referrer check altogether for certain resource paths, instead of simply setting "Allow Empty Referrer", thus weakening the security overall instead of only for a well known set of paths for which it would be desirable.

For this reason i'd like to propose adding a path whitelist to the referrer filter configuration. Patch attached.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

_SLING_6937___Referrer_Filter__Allow_Path_Exclusions-2.patch
09/Jun/17 12:43
8 kB
Dominique Jäggi

Activity

People

Assignee:: Antonio Sanso

Reporter:: Dominique Jäggi

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 06/Jun/17 07:50

Updated:: 21/Jun/17 07:00

Resolved:: 13/Jun/17 12:17