You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ro...@apache.org on 2020/02/10 09:57:04 UTC
[sling-org-apache-sling-security] branch master updated: SLING-9043
Adding COPY/MOVE method in default methods list of protected HTTP methods#
This is a combination of 2 commits.
This is an automated email from the ASF dual-hosted git repository.
rombert pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-security.git
The following commit(s) were added to refs/heads/master by this push:
new 08dab45 SLING-9043 Adding COPY/MOVE method in default methods list of protected HTTP methods# This is a combination of 2 commits.
08dab45 is described below
commit 08dab45e29f4a10b7585572e00aa62b4fba8b9b4
Author: sonagupt <49...@users.noreply.github.com>
AuthorDate: Wed Jan 29 16:17:50 2020 +0530
SLING-9043 Adding COPY/MOVE method in default methods list of protected HTTP methods# This is a combination of 2 commits.
Adding COPY method in default methods list of protected HTTP methods
COPY being a state changing action, this must be behind proper CSRF protection.
Adding MOVE method also in the default methods filter list
---
src/main/java/org/apache/sling/security/impl/ReferrerFilter.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java b/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
index 7e4b026..090e8fc 100644
--- a/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
+++ b/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
@@ -131,7 +131,7 @@ public class ReferrerFilter implements Preprocessor {
name = "Filter Methods",
description = "These methods are filtered by the filter"
)
- String[] filter_methods() default {"POST", "PUT", "DELETE"};
+ String[] filter_methods() default {"POST", "PUT", "DELETE", "COPY", "MOVE"};
/**
* Excluded regexp user agents property