Hi,
I don't care about the method name, so I reverted it to #getCspSettings().
AFAIKS the documentation stays valid in that case?
Have fun
Sven
On 12.03.20 09:42, Emond Papegaaij wrote:
Hi,
Agreed, but first, the documentation needs to be updated with the new
API. I like most of the changes, except for the new method name for
'getContentSecurityPolicySettings()'. IMHO it's too long and everyone
calls it CSP. I'd rather stick with 'getCspSettings()'. The
documentation in 'ContentSecurityPolicySettings' is already missing
'Policy'.
Best regards,
Emond
On Thu, Mar 12, 2020 at 8:16 AM Martin Grigorov <mgrigo...@apache.org> wrote:
Hi,
Sven just made some API breaking changes with
https://gitbox.apache.org/repos/asf?p=wicket.git;h=88e8d36, for good!
If we want the next release to be the final one then I suggest to cancel
this vote and start over with the new change.
Martin
On Tue, Mar 10, 2020 at 10:50 PM Andrea Del Bene <an.delb...@gmail.com>
wrote:
This is a vote to release Apache Wicket 9.0.0-M5
Please download the source distributions found in our staging area
linked below.
I have included the signatures for both the source archives. This vote
lasts for 72 hours minimum.
[ ] Yes, release Apache Wicket 9.0.0-M5
[ ] No, don't release Apache Wicket 9.0.0-M5, because ...
Distributions, changelog, keys and signatures can be found at:
https://dist.apache.org/repos/dist/dev/wicket/9.0.0-M5
Staging repository:
https://repository.apache.org/content/repositories/orgapachewicket-1137/
The binaries are available in the above link, as are a staging
repository for Maven. Typically the vote is on the source, but should
you find a problem with one of the binaries, please let me know, I can
re-roll them some way or the other.
Staging git repository data:
Repository: g...@github.com:bitstorm/wicket.git
Branch: build/wicket-9.0.0-M5
Release tag: rel/wicket-9.0.0-M5
========================================================================
The signatures for the source release artefacts:
Signature for apache-wicket-9.0.0-M5.zip:
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl5n/CoACgkQh48B+qjT
VuHd2RAAijpTFLBY5tr9GOjZPk0y//Kog/8IYi9dJjkOtJtFky7UhNzlmFVx7Yz7
hbc5ecLeeXz3oLZHkECjKda5086aopXzFzsS8jLQM1/yqZ4jD2zd1E7evw+Kxj+v
cOi6+XxV8m508R7qs8pob9rs5Z/wfDocEOvVBM4SNxFCmFxENUvwImgEq89Vg2pQ
iMjFK2zUk4L82cc1hEN3+GKfe1LvnlDJIp2ebP+ntlBr8Nrc7MR/jOrJxSRr+wBp
/U6y9jEVSuR5rrN4KKFvSLDfGOdOvug6JVhzVFJ6lKjqSKPNQ4Ml+ZWe2cEdu/qD
VYEn4kaioVX539424HugXQK1Z4jvNA0NJVmvWuYOsZYQeRGlccOzAsgXuYUNFllR
UmCw1mpFLz0OMSfFdv125gj4MxSOsl+H5eY4LJuZWBfk/6BXRBDINJo4kjaq7tq1
GLfVoHB5dvrDp3R9WsFzGQJA4InrF8w+/m08p1haRiny0Vqch4s/zTG82nrp9bPR
Iyrt97SAWquXeMwRXqdA68cBvB5UjTkbdI6BtP7pNMGtklaV2R9vbdU18opIJf0K
ANzjxROr+DkgEcmthLIKlkErKr+UfeAZU84lRMfaD4QlWFB4jmwW+BEBiCMUSia2
8IHaOJ8OBMXuBD7dK9dnpm6FoOY8qCYGAwBPzM5l2bzj+50s9a0=
=qrHX
-----END PGP SIGNATURE-----
Signature for apache-wicket-9.0.0-M5.tar.gz:
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl5n/CkACgkQh48B+qjT
VuHvRA//ekwcb/9Lb1q1g33chXIpXAxXQJe/mOdX2rDPQUQIN2Diw8V2a9ZuFdFb
7AUKXfMHBk9zOZO7HKWI1FBUp0UW9VC8p4ut+5ssBWjEaF/FKxzh/rG4J7vG9Tul
oD6KlAE4h7dx/lERbpKZy9Vs/Po65+oIypf3sD+iVFms7I0jxiE/81P8kMSEuD2S
l4pzXnKmMkuzfSkTJLOak6K6Rho8a+rsvWzr/NjG3yJ23M04Oi589Eft66MEMZFw
N8VgWRuBBIQkIzIlCmLu1xTbk/j95Qnt5lgCs2E4gCVfH0qlmsTroFVCjDW97WEX
/Iq7Dk0XUjMP7u9d+JXceLObFVi8/rng803M260h2WbRC0zbSq78RSdDk1fNQWlM
5OXvS2Q0dp73+gn1VBc3lt/7TzUeIzq2aQlG3GsOBTH3ZU+G8HCaGmIL7b4Ge27J
rtxLG6bnBIEXmr96cDXPDqdIuthMCIHB1DcitHPDCyHISXXCC+1ZJXcLACi/dgVF
trbjJJFpaVYQeNLFLUYZZZzvCUFClAfE47ieSRmWUIjMNn2Ob6EslYHqK7qxlbzE
eUFSkhpfzU31RGXoaEwTJLe8uweIJ/lWouy8PajsiMGmVHeWjorMn37UTLoZxIKo
uUHpAZoFp1DHYPqOWPPxrymHctYEMAtSfbmLSV590qaCIYr3fiw=
=UkVf
-----END PGP SIGNATURE-----
========================================================================
CHANGELOG for 9.0.0-M5:
** Bug
* [WICKET-6745] - CSP: inline JS in server and client time response
filters
* [WICKET-6746] - HttpsMapper cannot deal with resources over
websockets
* [WICKET-6752] - Some dependencies contain CVEs
* [WICKET-6753] - res/modal.js using aria-labelledby where it
should be using aria-label
* [WICKET-6754] - Iteration stops with nested containers
** New Feature
* [WICKET-6727] - Configurable CSP
* [WICKET-6729] - allow adding IHeaderResponseDecorator without
replacing all others
* [WICKET-6730] - Global access to secure random data
** Improvement
* [WICKET-6724] - CSP: Inline Javascript in AjaxLink
* [WICKET-6725] - CSP: display:none in Component.renderPlaceholderTag
* [WICKET-6726] - CSP: inline styling and js in Form submitbutton
handling
* [WICKET-6731] - CSP: inline JS in SubmitLink
* [WICKET-6732] - CSP: inline JS in Link and ExternalLink
* [WICKET-6733] - CSP: enable by default
* [WICKET-6735] - CSP: inline styling in
FormComponentFeedbackBorder/Indicator
* [WICKET-6736] - CSP: Inline styling in BrowserInfoForm
* [WICKET-6737] - CSP: violations in examples
* [WICKET-6738] - CSP: inline styling in UploadProgressBar
* [WICKET-6739] - CSP: inline JS in Palette
* [WICKET-6740] - CSP: inline JS in Button
* [WICKET-6741] - CSP: inline JS in FormComponentUpdatingBehavior
* [WICKET-6749] - CSP: Inline styling in ExceptionErrorPage.html
* [WICKET-6750] - add capability to cancel ongoing AJAX requests
from client side
** Task
* [WICKET-6687] - Cleanup the code from attribute inline styles and
attribute inline scripts
* [WICKET-6747] - Document CSP in user guide and migration guide
