You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ro...@apache.org on 2017/11/07 10:12:49 UTC
[sling-org-apache-sling-security] 11/20: Update default list
This is an automated email from the ASF dual-hosted git repository.
rombert pushed a commit to annotated tag org.apache.sling.security-1.0.0
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-security.git
commit ea48c8c162a689c28ec3e6b8688ff31a95735f4f
Author: Carsten Ziegeler <cz...@apache.org>
AuthorDate: Wed Aug 3 16:47:37 2011 +0000
Update default list
git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/security@1153576 13f79535-47bb-0310-9956-ffa450edef68
---
src/main/java/org/apache/sling/security/impl/ReferrerFilter.java | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java b/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
index f8ad2ce..704b915 100644
--- a/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
+++ b/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
@@ -125,6 +125,7 @@ public class ReferrerFilter implements Filter {
referrers.add("https://localhost" + ":0");
referrers.add("https://127.0.0.1" + ":0");
referrers.add("https://[::1]" + ":0");
+ referrers.add("https://[::1]" + ":0");
return referrers;
}
@@ -267,6 +268,10 @@ public class ReferrerFilter implements Filter {
if ( referrer.indexOf(":/") == - 1 ) {
return true;
}
+ // check for air referrer - which is always allowed
+ if ( referrer.startsWith("app:/") ) {
+ return true;
+ }
final HostInfo info = getHost(referrer);
if ( info == null ) {
--
To stop receiving notification emails like this one, please contact
"commits@sling.apache.org" <co...@sling.apache.org>.