[
https://issues.apache.org/jira/browse/SOLR-17434?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17879036#comment-17879036
]
ASF subversion and git services commented on SOLR-17434:
--------------------------------------------------------
Commit 675a41516e3f3bacfc975590773e7abdca444ff4 in solr's branch
refs/heads/branch_9_7 from David Smiley
[ https://gitbox.apache.org/repos/asf?p=solr.git;h=675a41516e3 ]
SOLR-17434: Jetty relativeRedirectAllowed=true (#2673)
Avoids a minor security matter of exposing a host & port in certain cases.
https://github.com/jetty/jetty.project/issues/11014
Not needed in Jetty 12 (Solr 10).
(cherry picked from commit fbd96cf5d3a2187c587d48f9f8c735493a4a0899)
> Jetty relativeRedirectAllowed should be true
> --------------------------------------------
>
> Key: SOLR-17434
> URL: https://issues.apache.org/jira/browse/SOLR-17434
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: David Smiley
> Priority: Minor
> Labels: pull-request-available
> Time Spent: 10m
> Remaining Estimate: 0h
>
> For a minor security benefit, avoiding exposing Solr's host & port number in
> an obscure case:
> [https://github.com/jetty/jetty.project/issues/11014]
> Assuming Solr main/10 moves on to Jetty 12, this configuration change is only
> applicable to Solr 9.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
