This is an automated email from the ASF dual-hosted git repository.
janhoy pushed a commit to branch security-advisory-jwt-blockunknown
in repository https://gitbox.apache.org/repos/asf/solr-site.git
The following commit(s) were added to
refs/heads/security-advisory-jwt-blockunknown by this push:
new e01845623 Future -> upcoming Wording tweaks
e01845623 is described below
commit e0184562303dcb9a75ead8348bfee1e277b86814
Author: Jan Høydahl <[email protected]>
AuthorDate: Wed May 20 00:31:18 2026 +0200
Future -> upcoming
Wording tweaks
---
content/solr/security/2026-05-19-jwt-blockunknown-default.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/content/solr/security/2026-05-19-jwt-blockunknown-default.md
b/content/solr/security/2026-05-19-jwt-blockunknown-default.md
index 3a263240a..89c6f98e8 100644
--- a/content/solr/security/2026-05-19-jwt-blockunknown-default.md
+++ b/content/solr/security/2026-05-19-jwt-blockunknown-default.md
@@ -24,7 +24,7 @@ You may be affected if **all** of the following are true:
1. You use the JWT Authentication Plugin (`solr.JWTAuthPlugin`) in
`security.json`
2. Your intention is to block all unauthenticated requests
-3. Your `security.json` does **not** explicitly set `"blockUnknown": true`
+3. Your `security.json` does **not** explicitly set `blockUnknown` to `true`
You are **not** affected if any of the following applies:
@@ -37,7 +37,7 @@ Check the `authentication` section of your `security.json`.
If `blockUnknown` is
**Fix**
-Future Solr 9.11 and 10.1 releases will change the code default to `true`,
matching the documentation.
+Upcoming Solr 9.11 and 10.1 releases will change the code default of
`blockUnknown` to `true`.
Explicitly setting `blockUnknown` to `true` in a current release is
sufficient; upgrading is not required.
**References**
