Archiva
  1. Archiva
  2. MRM-1445

disable referrer check by default

    Details

    • Type: Task Task
    • Status: Closed Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.3.2
    • Fix Version/s: 1.3.3
    • Component/s: Users/Security
    • Labels:
      None
    • Number of attachments :
      0

      Description

      The redback referrer header check that was added can occasionally cause problems, and is only a preventative measure for other CSRF vulnerabilities.

      It should be disabled by default, but the configuration for enabling it documented.

        Activity

          People

          • Assignee:
            Brett Porter
            Reporter:
            Brett Porter
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: