Repository: knox Updated Branches: refs/heads/master 72dbf4886 -> b61e8d529
KNOX-1394 - OOTB gateway-site.xml to Default to Demo Whitelist Scenario Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/b61e8d52 Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/b61e8d52 Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/b61e8d52 Branch: refs/heads/master Commit: b61e8d529c60a5b0c62b2535b65a09e1a9cf036a Parents: 72dbf48 Author: Larry McCay <[email protected]> Authored: Fri Jul 20 10:49:50 2018 -0400 Committer: Larry McCay <[email protected]> Committed: Fri Jul 20 10:50:45 2018 -0400 ---------------------------------------------------------------------- CHANGES | 1 + gateway-release/home/conf/gateway-site.xml | 7 +++++++ 2 files changed, 8 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/b61e8d52/CHANGES ---------------------------------------------------------------------- diff --git a/CHANGES b/CHANGES index fc6f50c..8843763 100644 --- a/CHANGES +++ b/CHANGES @@ -11,6 +11,7 @@ Release Notes - Apache Knox - Version 1.1.0 [KNOX-1040] - Initial changes to support simple descriptors and provider configurations in the Admin UI. ** Improvement + [KNOX-1394] - OOTB gateway-site.xml to Default to Demo Whitelist Scenario [KNOX-1381] - Fix logging [KNOX-1378] - Declare SSO params using KnoxSSO service option knoxsso.expected.params [KNOX-1379] - Default dispatch whitelist should not include localhost when the Knox host domain can be determined http://git-wip-us.apache.org/repos/asf/knox/blob/b61e8d52/gateway-release/home/conf/gateway-site.xml ---------------------------------------------------------------------- diff --git a/gateway-release/home/conf/gateway-site.xml b/gateway-release/home/conf/gateway-site.xml index 1db5332..14ee0a1 100644 --- a/gateway-release/home/conf/gateway-site.xml +++ b/gateway-release/home/conf/gateway-site.xml @@ -141,4 +141,11 @@ limitations under the License. If the value is DEFAULT, a domain-based whitelist will be derived from the Knox host.</description> </property> + <property> + <name>gateway.dispatch.whitelist</name> + <value>^https?:\/\/(localhost|127\.0\.0\.1|0:0:0:0:0:0:0:1|::1):[0-9].*$</value> + <description>The whitelist to be applied for dispatches associated with the service roles specified by gateway.dispatch.whitelist.services. + If the value is DEFAULT, a domain-based whitelist will be derived from the Knox host.</description> + </property> + </configuration>
