[jira] [Updated] (JCR-4009) CSRF in Jackrabbit-Webdav

[ https://issues.apache.org/jira/browse/JCR-4009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Julian Reschke updated JCR-4009: Attachment: JCR-4009.diff Fix (work-in-progress) > CSRF in Jackrabbit-Webdav > --

[jira] [Comment Edited] (JCR-4009) CSRF in Jackrabbit-Webdav

[ https://issues.apache.org/jira/browse/JCR-4009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15449446#comment-15449446 ] Julian Reschke edited comment on JCR-4009 at 8/31/16 6:51 AM: --

[jira] [Commented] (JCR-4009) CSRF in Jackrabbit-Webdav

[ https://issues.apache.org/jira/browse/JCR-4009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15449446#comment-15449446 ] Julian Reschke commented on JCR-4009: - I have a semi-functional patch. It currently fail

ApacheCon Seville CFP closes September 9th

It's traditional. We wait for the last minute to get our talk proposals in for conferences. Well, the last minute has arrived. The CFP for ApacheCon Seville closes on September 9th, which is less than 2 weeks away. It's time to get your talks in, so that we can make this the best ApacheCon yet. I

[jira] [Commented] (JCR-4009) CSRF in Jackrabbit-Webdav

[ https://issues.apache.org/jira/browse/JCR-4009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15449214#comment-15449214 ] Julian Reschke commented on JCR-4009: - ...also, rejecting POST in the base servlet of co

Re: [VOTE] Release Apache Jackrabbit Oak 1.5.9

[X] +1 Release this package as Apache Jackrabbit Oak 1.5.9 PS: Just a slight note. This is the first time I had to setup maven for higher mem usage (it had been default up till this point)... the build was running out of memory otherwise. Not sure if that's worth checking something further... Tha

[jira] [Created] (JCRVLT-125) Lift the limitation of the vault sync to only support nt:file

Konrad Windszus created JCRVLT-125: -- Summary: Lift the limitation of the vault sync to only support nt:file Key: JCRVLT-125 URL: https://issues.apache.org/jira/browse/JCRVLT-125 Project: Jackrabbit F

[jira] [Commented] (JCR-4002) CSRF in Jackrabbit-Webdav using empty content-type

[ https://issues.apache.org/jira/browse/JCR-4002?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15449010#comment-15449010 ] Julian Reschke commented on JCR-4002: - FWIW, the whitespace in the media type properly c

[jira] [Commented] (JCR-4009) CSRF in Jackrabbit-Webdav

[ https://issues.apache.org/jira/browse/JCR-4009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15448951#comment-15448951 ] Julian Reschke commented on JCR-4009: - I believe the right fix is to undo the changes fo

[jira] [Updated] (JCR-4009) CSRF in Jackrabbit-Webdav

[ https://issues.apache.org/jira/browse/JCR-4009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Julian Reschke updated JCR-4009: Labels: csrf security webdav (was: ) > CSRF in Jackrabbit-Webdav > - > >

[jira] [Updated] (JCR-4009) CSRF in Jackrabbit-Webdav

[ https://issues.apache.org/jira/browse/JCR-4009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Julian Reschke updated JCR-4009: Priority: Blocker (was: Major) > CSRF in Jackrabbit-Webdav > - > >

[jira] [Created] (JCR-4009) CSRF in Jackrabbit-Webdav

Julian Reschke created JCR-4009: --- Summary: CSRF in Jackrabbit-Webdav Key: JCR-4009 URL: https://issues.apache.org/jira/browse/JCR-4009 Project: Jackrabbit Content Repository Issue Type: Bug