[jira] Closed: (MRM-1445) disable referrer check by default

Brett Porter (JIRA) Tue, 14 Dec 2010 20:00:29 -0800

     [ 
http://jira.codehaus.org/browse/MRM-1445?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Brett Porter closed MRM-1445.
-----------------------------

       Resolution: Fixed
    Fix Version/s: 1.3.3
         Assignee: Brett Porter

> disable referrer check by default
> ---------------------------------
>
>                 Key: MRM-1445
>                 URL: http://jira.codehaus.org/browse/MRM-1445
>             Project: Archiva
>          Issue Type: Task
>          Components: Users/Security
>    Affects Versions: 1.3.2
>            Reporter: Brett Porter
>            Assignee: Brett Porter
>             Fix For: 1.3.3
>
>
> The redback referrer header check that was added can occasionally cause 
> problems, and is only a preventative measure for other CSRF vulnerabilities.
> It should be disabled by default, but the configuration for enabling it 
> documented.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Closed: (MRM-1445) disable referrer check by default

Reply via email to