nmalin opened a new pull request, #839:
URL: https://github.com/apache/ofbiz-framework/pull/839

   Second improvement on this functionality, increasing security by
analysing each script to check for the presence of potential code injection.
   
   The regexp to check against is a property: security.deniedScriptletsTokens.
   If a script matches the regexp, OFBiz raises an alert in the log with the
script and the script hash. The script is disabled and can't run.
   
   If you have a safe script that is matched by the regexp, you can add the hash
given by OFBiz to the property: security.allowedScriptletHashes


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
