archiva-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From marti...@apache.org
Subject [1/2] archiva-redback-core git commit: Adding some information about redback configuration settings
Date Fri, 14 Apr 2017 19:02:43 GMT
Repository: archiva-redback-core
Updated Branches:
  refs/heads/master a6ee0f877 -> a3ee32699


Adding some information about redback configuration settings


Project: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/commit/db185cb7
Tree: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/tree/db185cb7
Diff: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/diff/db185cb7

Branch: refs/heads/master
Commit: db185cb79de7c1ee059a973b90d783a82220bcd4
Parents: a6ee0f8
Author: Martin Stockhammer <martin_s@apache.org>
Authored: Sat Mar 18 18:33:14 2017 +0100
Committer: Martin Stockhammer <martin_s@apache.org>
Committed: Sat Mar 18 18:33:14 2017 +0100

----------------------------------------------------------------------
 .../archiva/redback/config-defaults.properties     | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/db185cb7/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties
----------------------------------------------------------------------
diff --git a/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties
b/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties
index 4b3e6fa..8a3a199 100644
--- a/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties
+++ b/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties
@@ -135,12 +135,19 @@ user.manager.impl=jdo
 
 # REST security settings
 
-# REST base url is for avoiding CSRF attacks
-# Enable CSRF filtering
+# Cross Site Request Forgery (CSRF) Prevention
+# --------------------------------------------
+# Enable/Disable CSRF filtering.
+# Possible values: true, false
 rest.csrffilter.enabled=true
-# If it is not set or empty it tries to determine the base url automatically
+# Base URL used to verify the origin headers of the requests. If not set or empty
+# it tries to determine the base url automatically
 rest.baseUrl=
-# If true, requests without Origin or Referer Header are denied
+# What to do, if the request contains no Origin or Referer header.
+# If true, requests without Origin or Referer Header are denied, otherwise accepted.
+# Possible values: true, false
 rest.csrffilter.absentorigin.deny=true
-# If true, the validation of the CSRF tokens will be disabled
+# Enable/Disable the token validation only.
+# If true, the validation of the CSRF tokens will be disabled.
+# Possible values: true, false
 rest.csrffilter.disableTokenValidation=false
\ No newline at end of file


Mime
View raw message