[jira] Created: (MRM-1445) disable referrer check by default

Brett Porter (JIRA) Tue, 14 Dec 2010 18:31:27 -0800

disable referrer check by default
---------------------------------

                 Key: MRM-1445
                 URL: http://jira.codehaus.org/browse/MRM-1445
             Project: Archiva
          Issue Type: Task
          Components: Users/Security
    Affects Versions: 1.3.2
            Reporter: Brett Porter



The redback referrer header check that was added can occasionally cause 
problems, and is only a preventative measure for other CSRF vulnerabilities.

It should be disabled by default, but the configuration for enabling it 
documented.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Created: (MRM-1445) disable referrer check by default

Reply via email to