This is an automated email from the ASF dual-hosted git repository.
cshannon pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/activemq.git
The following commit(s) were added to refs/heads/main by this push:
new dfa00d04d4 Add https to BrokerView restricted list (#2073)
dfa00d04d4 is described below
commit dfa00d04d4aae678e0eca7e43d4ebd9dea512696
Author: Christopher L. Shannon <[email protected]>
AuthorDate: Fri Jun 5 13:19:05 2026 -0400
Add https to BrokerView restricted list (#2073)
This adds https to the denied list eventhough there is currently no
https discovery protocol. This is being done just for extra defense in
depth in case a protocol is added in the future. There's also already
other checks in place (we deny remote protocols by default already, etc)
so this is just precautionary.
---
.../src/main/java/org/apache/activemq/broker/jmx/BrokerView.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
a/activemq-broker/src/main/java/org/apache/activemq/broker/jmx/BrokerView.java
b/activemq-broker/src/main/java/org/apache/activemq/broker/jmx/BrokerView.java
index d36e438b76..26e757a7d4 100644
---
a/activemq-broker/src/main/java/org/apache/activemq/broker/jmx/BrokerView.java
+++
b/activemq-broker/src/main/java/org/apache/activemq/broker/jmx/BrokerView.java
@@ -44,7 +44,7 @@ public class BrokerView implements BrokerViewMBean {
private static final Logger LOG =
LoggerFactory.getLogger(BrokerView.class);
- public static final Set<String> DENIED_TRANSPORT_SCHEMES = Set.of("vm",
"http",
+ public static final Set<String> DENIED_TRANSPORT_SCHEMES = Set.of("vm",
"http", "https",
"multicast", "zeroconf", "discovery", "fanout", "mock", "peer",
"failover",
"proxy", "reliable", "simple", "udp", "masterslave");
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
