You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by ja...@apache.org on 2019/04/25 10:58:36 UTC
[lucene-solr] branch branch_7_7 updated: SOLR-13409: Disable HTML
directory listings in admin interface to prevent possible security issues
This is an automated email from the ASF dual-hosted git repository.
janhoy pushed a commit to branch branch_7_7
in repository https://gitbox.apache.org/repos/asf/lucene-solr.git
The following commit(s) were added to refs/heads/branch_7_7 by this push:
new d86d8db SOLR-13409: Disable HTML directory listings in admin interface to prevent possible security issues
d86d8db is described below
commit d86d8db316d3520b08a301a46c933f7a8a785569
Author: Uwe Schindler <us...@apache.org>
AuthorDate: Wed Apr 17 11:04:13 2019 +0200
SOLR-13409: Disable HTML directory listings in admin interface to prevent possible security issues
(cherry picked from commit df27ccf01d9b89149fbba00e81c3eed078e28a95)
---
solr/CHANGES.txt | 2 ++
solr/server/etc/webdefault.xml | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 44c7a34..52fb538 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -73,6 +73,8 @@ Bug fixes
* SOLR-13281: Fixed NPE in DocExpirationUpdateProcessorFactory (Munendra S N, Tomás Fernández Löbbe)
+* SOLR-13409: Disable HTML directory listings in admin interface to prevent possible security issues (Uwe Schindler)
+
================== 7.7.1 ==================
Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this release.
diff --git a/solr/server/etc/webdefault.xml b/solr/server/etc/webdefault.xml
index b987eac..f088292 100644
--- a/solr/server/etc/webdefault.xml
+++ b/solr/server/etc/webdefault.xml
@@ -127,7 +127,7 @@
</init-param>
<init-param>
<param-name>dirAllowed</param-name>
- <param-value>true</param-value>
+ <param-value>false</param-value>
</init-param>
<init-param>
<param-name>welcomeServlets</param-name>