[jira] [Assigned] (TIKA-2081) Add back 'fileUrl' functionality to TikaJAXRS Server subject to security controls

Tim Allison (JIRA) Sat, 17 Sep 2016 04:35:06 -0700

     [ 
https://issues.apache.org/jira/browse/TIKA-2081?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Tim Allison reassigned TIKA-2081:
---------------------------------

    Assignee: Tim Allison

> Add back 'fileUrl' functionality to TikaJAXRS Server subject to security 
> controls
> ---------------------------------------------------------------------------------
>
>                 Key: TIKA-2081
>                 URL: https://issues.apache.org/jira/browse/TIKA-2081
>             Project: Tika
>          Issue Type: Task
>          Components: server
>    Affects Versions: 1.13
>         Environment: All versions
>            Reporter: John Dougrez-Lewis
>            Assignee: Tim Allison
>            Priority: Minor
>              Labels: features, security
>             Fix For: 1.14
>
>
> Add back 'fileUrl' functionality from version 1.9 to TikaJAXRS Server subject 
> to additional security controls:
> disable by default
> only enable if appropriate configuration flags are specified
> when enabled print warning displaying at least CVE ID: CVE-2015-3271.
> as discussed on dev@tika.apache.org mailing list under title "Query on 
> correct use of 'fileUrl' in TikaJAXRS Server to extract document at remote 
> url - my request is not working".



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Assigned] (TIKA-2081) Add back 'fileUrl' functionality to TikaJAXRS Server subject to security controls

Reply via email to