Archiva

disable referrer check by default

Details

  • Type: Task Task
  • Status: Closed Closed
  • Priority: Major Major
  • Resolution: Fixed
  • Affects Version/s: 1.3.2
  • Fix Version/s: 1.3.3
  • Component/s: Users/Security
  • Labels:
    None
  • Number of attachments :
    0

Description

The redback referrer header check that was added can occasionally cause problems, and is only a preventative measure for other CSRF vulnerabilities.

It should be disabled by default, but the configuration for enabling it documented.

Activity

There are no comments yet on this issue.

People

Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.3#663-r165197) | Report a problem
Powered by a free Atlassian JIRA open source license for Codehaus. Try JIRA - bug tracking software for your team.