Posted to commits@ofbiz.apache.org by jl...@apache.org on 2020/07/11 07:58:45 UTC

[ofbiz-framework] branch release18.12 updated (c5ba62e -> ecc4e84)

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a change to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git.


    from c5ba62e  Improved: Adds information to install without the demo data
     new c70fa51  Improved: better message for host-headers-allowed
     new fd3667b  Improved: Put the AsciiDoc files in main repo under the web site (OFBIZ-11879)
     new ecc4e84  Fixed: don't remove localhost from host-headers-allowed this was only for testing

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 build.gradle                                                   | 10 ++++++++++
 .../java/org/apache/ofbiz/webapp/control/RequestHandler.java   |  6 ++++--
 2 files changed, 14 insertions(+), 2 deletions(-)


Re: [ofbiz-framework] 02/03: Improved: Put the AsciiDoc files in main repo under the web site (OFBIZ-11879)

Posted by "jleroux@apache.org" <jl...@apache.org>.
Hi,

There is a warning saying:

 > Task :generateReadmeFiles
juil. 11, 2020 9:29:14 AM uri:classloader:/gems/asciidoctor-pdf-1.5.3/lib/asciidoctor/pdf/converter.rb resolve_image_path
AVERTISSEMENT: allow-uri-read is not enabled; cannot embed remote image: https://img.shields.io/badge/License-Apache%202.0-blue.svg
allow-uri-read is not enabled; cannot embed remote image: https://img.shields.io/badge/License-Apache%202.0-blue.svg 
(uri:classloader:/gems/asciidoctor-pdf-1.5.3/lib/asciidoctor/pdf/converter.rb:resolve_image_path)

But it actually works, the image is in the files.

I'll also create a Jira to check AsciiDoc errors I found while running and an initial not committed version of generateReadmeFiles

Jacques

On 11/07/2020 at 09:58, jleroux@apache.org wrote:
> This is an automated email from the ASF dual-hosted git repository.
>
> jleroux pushed a commit to branch release18.12
> in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
>
> commit fd3667b6f7479a13f2a2ffd04378f53677b7cd3d
> Author: Jacques Le Roux <ja...@les7arts.com>
> AuthorDate: Sat Jul 11 09:45:49 2020 +0200
>
>      Improved: Put the AsciiDoc files in main repo under the web site (OFBIZ-11879)
>      
>      We have AsciiDoc files in main repo and it would be better to have them also in
>      HTML format under the web site: https://ci.apache.org/projects/ofbiz/site
>      
>      For that a new generateReadmeFiles is needed and new "readme" locations under
>      each of https://ci.apache.org/projects/ofbiz/site "sub-dirs".
>      We can create those from Buildbot like we did with INFRA-20311
> ---
>   build.gradle | 10 ++++++++++
>   1 file changed, 10 insertions(+)
>
> diff --git a/build.gradle b/build.gradle
> index 03355cf..e2ceeac 100644
> --- a/build.gradle
> +++ b/build.gradle
> @@ -549,6 +549,16 @@ task deleteAllPluginsDocumentation {
>   }
>   
>   
> +task generateReadmeFiles(group: docsGroup, type: AsciidoctorTask) {
> +    doFirst { delete "${buildDir}/asciidoc/readme" }
> +    description 'Generate OFBiz README files'
> +    sourceDir "${rootDir}"
> +    sources {
> +        include 'README.adoc', 'CHANGELOG.adoc', 'CONTRIBUTING.adoc'
> +      }
> +    outputDir file("${buildDir}/asciidoc/readme/")
> +}
> +
>   task generateOfbizDocumentation(group: docsGroup, type: AsciidoctorTask) {
>       dependsOn deleteOfbizDocumentation
>       description 'Generate OFBiz documentation manuals'
>
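
Review bot: generateReadmeFiles does not restrict which backends run, and the warning quoted above comes from the asciidoctor-pdf converter during :generateReadmeFiles, so the task appears to run the PDF backend as well, although the commit message asks only for HTML under the web site. Limit the task to the HTML backend if PDF output is not wanted. That also removes the remote-image warning without enabling allow-uri-read, which is better left off so a build does not fetch content from URLs named in the .adoc sources.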

[ofbiz-framework] 02/03: Improved: Put the AsciiDoc files in main repo under the web site (OFBIZ-11879)

Posted by jl...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git

commit fd3667b6f7479a13f2a2ffd04378f53677b7cd3d
Author: Jacques Le Roux <ja...@les7arts.com>
AuthorDate: Sat Jul 11 09:45:49 2020 +0200

    Improved: Put the AsciiDoc files in main repo under the web site (OFBIZ-11879)
    
    We have AsciiDoc files in main repo and it would be better to have them also in
    HTML format under the web site: https://ci.apache.org/projects/ofbiz/site
    
    For that a new generateReadmeFiles is needed and new "readme" locations under
    each of https://ci.apache.org/projects/ofbiz/site "sub-dirs".
    We can create those from Buildbot like we did with INFRA-20311
---
 build.gradle | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/build.gradle b/build.gradle
index 03355cf..e2ceeac 100644
--- a/build.gradle
+++ b/build.gradle
@@ -549,6 +549,16 @@ task deleteAllPluginsDocumentation {
 }
 
 
+task generateReadmeFiles(group: docsGroup, type: AsciidoctorTask) {
+    doFirst { delete "${buildDir}/asciidoc/readme" }
+    description 'Generate OFBiz README files'
+    sourceDir "${rootDir}"
+    sources {
+        include 'README.adoc', 'CHANGELOG.adoc', 'CONTRIBUTING.adoc'
+      }    
+    outputDir file("${buildDir}/asciidoc/readme/")
+}
+
 task generateOfbizDocumentation(group: docsGroup, type: AsciidoctorTask) {
     dependsOn deleteOfbizDocumentation
     description 'Generate OFBiz documentation manuals'
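
Review bot: the cleanup in generateReadmeFiles is an inline doFirst { delete ... }, while generateOfbizDocumentation right below it uses dependsOn deleteOfbizDocumentation; follow the same dependsOn pattern, or add a comment on why this task differs, so the docs tasks stay consistent. The closing brace of the sources block is indented six spaces and followed by trailing whitespace; align it with "sources {" at four spaces. The path "${buildDir}/asciidoc/readme" is written once for the delete and once for outputDir, so a single variable would keep the two from drifting apart.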


[ofbiz-framework] 03/03: Fixed: don't remove localhost from host-headers-allowed this was only for testing

Posted by jl...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git

commit ecc4e84a956d6b87a2a4e064e1f614b78a9df0b7
Author: Jacques Le Roux <ja...@les7arts.com>
AuthorDate: Sat Jul 11 09:57:04 2020 +0200

    Fixed: don't remove localhost from host-headers-allowed this was only for testing
---
 framework/security/config/security.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/framework/security/config/security.properties b/framework/security/config/security.properties
index 8992fa1..fa64fa5 100644
--- a/framework/security/config/security.properties
+++ b/framework/security/config/security.properties
@@ -154,7 +154,7 @@ security.token.key=security.token.key
 
 # -- List of domains or IP addresses to be checked to prevent Host Header Injection, 
 # -- no spaces after commas,no wildcard, can be extended of course...
-host-headers-allowed=127.0.0.1,demo-trunk.ofbiz.apache.org,demo-stable.ofbiz.apache.org,demo-old.ofbiz.apache.org
+host-headers-allowed=localhost,127.0.0.1,demo-trunk.ofbiz.apache.org,demo-stable.ofbiz.apache.org,demo-old.ofbiz.apache.org
 
 # -- By default the SameSite value in SameSiteFilter is strict. This allows to change it to lax if needed  
 SameSiteCookieAttribute=
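
Review bot: the comment above host-headers-allowed still does not say that the shipped value is a development and demo default. With localhost restored here and the check in RequestHandler rejecting any name not in this list, add a comment line telling deployers to replace the localhost and demo-*.ofbiz.apache.org entries with the host names they actually serve. The commit message would also be clearer if it said why localhost is needed, rather than only that its removal was for testing.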


[ofbiz-framework] 01/03: Improved: better message for host-headers-allowed

Posted by jl...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git

commit c70fa51ae74abf225a4c006523bc56ec07205d84
Author: Jacques Le Roux <ja...@les7arts.com>
AuthorDate: Sat Jul 11 09:30:59 2020 +0200

    Improved: better message for host-headers-allowed
    
    Adds an explanation about what to do when using own domain.
    
    Some users don't look into the log so it's better to set also the exception
    message in order for them to have it right at 1st glance.
    
    Conflicts handled in webapp/control/RequestHandler.java
---
 framework/security/config/security.properties                       | 2 +-
 .../main/java/org/apache/ofbiz/webapp/control/RequestHandler.java   | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/framework/security/config/security.properties b/framework/security/config/security.properties
index fa64fa5..8992fa1 100644
--- a/framework/security/config/security.properties
+++ b/framework/security/config/security.properties
@@ -154,7 +154,7 @@ security.token.key=security.token.key
 
 # -- List of domains or IP addresses to be checked to prevent Host Header Injection, 
 # -- no spaces after commas,no wildcard, can be extended of course...
-host-headers-allowed=localhost,127.0.0.1,demo-trunk.ofbiz.apache.org,demo-stable.ofbiz.apache.org,demo-old.ofbiz.apache.org
+host-headers-allowed=127.0.0.1,demo-trunk.ofbiz.apache.org,demo-stable.ofbiz.apache.org,demo-old.ofbiz.apache.org
 
 # -- By default the SameSite value in SameSiteFilter is strict. This allows to change it to lax if needed  
 SameSiteCookieAttribute=
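
Review bot: removing localhost from host-headers-allowed is not mentioned in the commit message, which only covers the clearer error text, and 03/03 restores the entry as a testing leftover. Drop this hunk from the commit so that release18.12 never carries a revision in which requests addressed to localhost are rejected by the check in RequestHandler.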
diff --git a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
index 41b5d44..fe5ff7a 100644
--- a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
+++ b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
@@ -240,8 +240,10 @@ public class RequestHandler {
             GenericValue userLogin, Delegator delegator) throws RequestHandlerException, RequestHandlerExceptionAllowExternalRequests {
 
         if (!hostHeadersAllowed.contains(request.getServerName())) {
-            Debug.logError("Domain " + request.getServerName() + " not accepted to prevent host header injection ", module);
-            throw new RequestHandlerException("Domain " + request.getServerName() + " not accepted to prevent host header injection ");
+            Debug.logError("Domain " + request.getServerName() + " not accepted to prevent host header injection."
+                    + " You need to set host-headers-allowed property in security.properties file.", MODULE);
+            throw new RequestHandlerException("Domain " + request.getServerName() + " not accepted to prevent host header injection."
+                    + " You need to set host-headers-allowed property in security.properties file.");
         }
                 
         final boolean throwRequestHandlerExceptionOnMissingLocalRequest = EntityUtilProperties.propertyValueEqualsIgnoreCase(
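
Review bot: the Debug.logError call now passes MODULE where the removed line passed module, a change unrelated to the message text. Nothing in this hunk declares MODULE and the commit message mentions conflicts handled in this file, so confirm that the constant exists in RequestHandler on release18.12 and that the branch compiles. The same two-part message is also built twice; assign it to a local String once and use it for both Debug.logError and the RequestHandlerException. Since request.getServerName() is derived from the client's Host header and the message is now meant to be read by the user, the view that renders the exception should encode it on output.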