You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tapestry.apache.org by "Thiago H. de Paula Figueiredo (JIRA)" <ji...@apache.org> on 2018/11/23 19:00:00 UTC
[jira] [Resolved] (TAP5-2601) Add configurable service to block
access to classpath assets
[ https://issues.apache.org/jira/browse/TAP5-2601?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Thiago H. de Paula Figueiredo resolved TAP5-2601.
-------------------------------------------------
Resolution: Implemented
A new service, `ClasspathAssetProtectionRule`, which receives contributions of `ClasspathAssetProtectionRule`
instances, was created to you can easily add rules to block requests to classpath assets according to your
security needs.
Three rules are added out-of-the-box and may be overriden:
* `ClassFile`: blocks access to assets with `.class` endings (case insensitive).
* `PropertiesFile`: blocks access to assets with `.properties` endings (case insensitive).
* `XMLFile`: blocks access to assets with `.xml` endings (case insensitive).
> Add configurable service to block access to classpath assets
> ------------------------------------------------------------
>
> Key: TAP5-2601
> URL: https://issues.apache.org/jira/browse/TAP5-2601
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.5.0, 5.4.3
> Reporter: Thiago H. de Paula Figueiredo
> Assignee: Thiago H. de Paula Figueiredo
> Priority: Major
> Labels: features
>
> There's no built-in way in Tapestry of blocking access to classpath assets, so we should create a new service we can contribute blocking rules.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)