[
https://issues.apache.org/jira/browse/SLING-3829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14490309#comment-14490309
]
Rob Ryan edited comment on SLING-3829 at 4/10/15 8:32 PM:
----------------------------------------------------------
[~asanso] in thinking about this filter I don't think it's rejection of *'*'*
to whitelist all mimetypes is appropriate. Given a subtree say /i/am/trusted
with appropriate access controls one might wish to serve anything from it,
*but* the same might not be said of /i/am/not/trusted...
was (Author: [email protected]):
[~asanso] in thinking about this filter I don't think it's rejection of 'star'
to whitelist all mimetypes is appropriate. Given a subtree say /i/am/trusted
with appropriate access controls one might wish to serve anything from it,
*but* the same might not be said of /i/am/not/trusted...
> Add support for Content-Disposition attachment
> -----------------------------------------------
>
> Key: SLING-3829
> URL: https://issues.apache.org/jira/browse/SLING-3829
> Project: Sling
> Issue Type: Improvement
> Components: Extensions
> Reporter: Antonio Sanso
> Assignee: Antonio Sanso
> Priority: Minor
> Fix For: Security 1.0.10
>
> Attachments: ContentDispositionFilter.java, SLING-3829-patch.txt
>
>
> In some situation will be useful (and safer) to force Content-Disposition
> attachment for some Content-Type (configurable ) under some specific (and
> sensitive) path (configurable)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
