You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by cz...@apache.org on 2011/08/03 18:47:38 UTC
svn commit: r1153576 -
/sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
Author: cziegeler
Date: Wed Aug 3 16:47:37 2011
New Revision: 1153576
URL: http://svn.apache.org/viewvc?rev=1153576&view=rev
Log:
Update default list
Modified:
sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
Modified: sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java?rev=1153576&r1=1153575&r2=1153576&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java (original)
+++ sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java Wed Aug 3 16:47:37 2011
@@ -125,6 +125,7 @@ public class ReferrerFilter implements F
referrers.add("https://localhost" + ":0");
referrers.add("https://127.0.0.1" + ":0");
referrers.add("https://[::1]" + ":0");
+ referrers.add("https://[::1]" + ":0");
return referrers;
}
@@ -267,6 +268,10 @@ public class ReferrerFilter implements F
if ( referrer.indexOf(":/") == - 1 ) {
return true;
}
+ // check for air referrer - which is always allowed
+ if ( referrer.startsWith("app:/") ) {
+ return true;
+ }
final HostInfo info = getHost(referrer);
if ( info == null ) {