You could do that, but why? Are your customers not concerned about security?
-Adrian
Angelo Matarazzo wrote:
Hello, Everyone
I have seen the new security improvement, but I would like to know if there
is a global property in order to ignore https="true" for every request.
To ignore https in every controller.xml, I have set https=N in
url.properties
and I have also modified ConfigXml.java in this way
- if (securityElement != null) {
- this.securityHttps =
"true".equals(securityElement.getAttribute("https"));
+ if (securityElement != null) {
+ this.securityHttps = false;
So I don't use secure URLs.
Waht do you think about global property and my solution?
Any advice would be greatly appreciated.
Thank you
