[
https://issues.apache.org/jira/browse/TIKA-2081?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tim Allison updated TIKA-2081:
------------------------------
Fix Version/s: 2.0
> Add back 'fileUrl' functionality to TikaJAXRS Server subject to security
> controls
> ---------------------------------------------------------------------------------
>
> Key: TIKA-2081
> URL: https://issues.apache.org/jira/browse/TIKA-2081
> Project: Tika
> Issue Type: Task
> Components: server
> Affects Versions: 1.13
> Environment: All versions
> Reporter: John Dougrez-Lewis
> Assignee: Tim Allison
> Priority: Minor
> Labels: features, security
> Fix For: 2.0, 1.14
>
>
> Add back 'fileUrl' functionality from version 1.9 to TikaJAXRS Server subject
> to additional security controls:
> disable by default
> only enable if appropriate configuration flags are specified
> when enabled print warning displaying at least CVE ID: CVE-2015-3271.
> as discussed on [email protected] mailing list under title "Query on
> correct use of 'fileUrl' in TikaJAXRS Server to extract document at remote
> url - my request is not working".
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
