Archiva

disable referrer check by default

Details

  • Type: Task Task
  • Status: Closed Closed
  • Priority: Major Major
  • Resolution: Fixed
  • Affects Version/s: 1.3.2
  • Fix Version/s: 1.3.3
  • Component/s: Users/Security
  • Labels:
    None
  • Number of attachments :
    0

Description

The redback referrer header check that was added can occasionally cause problems, and is only a preventative measure for other CSRF vulnerabilities.

It should be disabled by default, but the configuration for enabling it documented.

Activity

People

  • Assignee:
    Brett Porter
    Reporter:
    Brett Porter
Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved: