You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by us...@apache.org on 2019/04/17 09:06:01 UTC
[lucene-solr] branch branch_8x updated: SOLR-13409: Disable HTML
directory listings in admin interface to prevent possible security issues
This is an automated email from the ASF dual-hosted git repository.
uschindler pushed a commit to branch branch_8x
in repository https://gitbox.apache.org/repos/asf/lucene-solr.git
The following commit(s) were added to refs/heads/branch_8x by this push:
new e1901aa SOLR-13409: Disable HTML directory listings in admin interface to prevent possible security issues
e1901aa is described below
commit e1901aaabb6dbb477eeb6c0b7b38731c52748635
Author: Uwe Schindler <us...@apache.org>
AuthorDate: Wed Apr 17 11:04:13 2019 +0200
SOLR-13409: Disable HTML directory listings in admin interface to prevent possible security issues
---
solr/CHANGES.txt | 2 ++
solr/server/etc/webdefault.xml | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 45029b2..157e77d 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -242,6 +242,8 @@ Other Changes
* SOLR-13366: Clarify 'Invalid stage name' warning logging in AutoScalingConfig (Christine Poerschke)
+* SOLR-13409: Disable HTML directory listings in admin interface to prevent possible security issues (Uwe Schindler)
+
================== 8.0.0 ==================
Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this release.
diff --git a/solr/server/etc/webdefault.xml b/solr/server/etc/webdefault.xml
index b987eac..f088292 100644
--- a/solr/server/etc/webdefault.xml
+++ b/solr/server/etc/webdefault.xml
@@ -127,7 +127,7 @@
</init-param>
<init-param>
<param-name>dirAllowed</param-name>
- <param-value>true</param-value>
+ <param-value>false</param-value>
</init-param>
<init-param>
<param-name>welcomeServlets</param-name>