You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@archiva.apache.org by oc...@apache.org on 2011/04/12 08:51:36 UTC

svn commit: r1091310 - /archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml

Author: oching
Date: Tue Apr 12 06:51:36 2011
New Revision: 1091310

URL: http://svn.apache.org/viewvc?rev=1091310&view=rev
Log:
revert xss fixes committed in -r1081116

Modified:
    archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml

Modified: archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml?rev=1091310&r1=1091309&r2=1091310&view=diff
==============================================================================
--- archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml (original)
+++ archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml Tue Apr 12 06:51:36 2011
@@ -33,13 +33,11 @@
       <interceptor name="redbackAutoLogin" class="redbackAutoLoginInterceptor"/>
       <interceptor name="redbackPolicyEnforcement" class="redbackPolicyEnforcementInterceptor"/>
       <interceptor name="paramFilter" class="com.opensymphony.xwork2.interceptor.ParameterFilterInterceptor"/>
-      <interceptor name="redbackXssParameterCheck" class="redbackXSSParameterCheckInterceptor"/>
 
       <interceptor-stack name="configuredArchivaStack">
         <interceptor-ref name="redbackForceAdminUser"/>
         <interceptor-ref name="redbackAutoLogin"/>
         <interceptor-ref name="defaultStack"/>
-        <interceptor-ref name="redbackXssParameterCheck"/>
         <interceptor-ref name="paramFilter">
           <param name="blocked">externalResult</param>
         </interceptor-ref>
@@ -63,7 +61,6 @@
         <interceptor-ref name="redbackForceAdminUser"/>
         <interceptor-ref name="redbackAutoLogin"/>
         <interceptor-ref name="defaultStack"/>
-        <interceptor-ref name="redbackXssParameterCheck"/>
         <interceptor-ref name="redbackPolicyEnforcement"/>
         <interceptor-ref name="redbackSecureActions">
           <param name="enableReferrerCheck">false</param>
@@ -133,8 +130,6 @@
         <param name="namespace">/security</param>
       </result>
 
-      <result name="possible-xss-attack">/WEB-INF/jsp/redback/possibleXssAttack.jsp</result>
-      
       <!-- Generic Catchall for those action configurations that forget to
            include a result for 'error' -->
       <result name="error">/WEB-INF/jsp/generalError.jsp</result>