Return-Path: X-Original-To: apmail-lucene-dev-archive@www.apache.org Delivered-To: apmail-lucene-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9C43FC2A9 for ; Thu, 24 May 2012 13:36:01 +0000 (UTC) Received: (qmail 90617 invoked by uid 500); 24 May 2012 13:35:58 -0000 Delivered-To: apmail-lucene-dev-archive@lucene.apache.org Received: (qmail 90536 invoked by uid 500); 24 May 2012 13:35:58 -0000 Mailing-List: contact dev-help@lucene.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@lucene.apache.org Delivered-To: mailing list dev@lucene.apache.org Received: (qmail 90440 invoked by uid 99); 24 May 2012 13:35:58 -0000 Received: from issues-vm.apache.org (HELO issues-vm) (140.211.11.160) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 24 May 2012 13:35:58 +0000 Received: from isssues-vm.apache.org (localhost [127.0.0.1]) by issues-vm (Postfix) with ESMTP id AA83614282A for ; Thu, 24 May 2012 13:35:55 +0000 (UTC) Date: Thu, 24 May 2012 13:35:55 +0000 (UTC) From: =?utf-8?Q?Rapha=C3=ABl_Droz_=28JIRA=29?= To: dev@lucene.apache.org Message-ID: <1621805261.133.1337866555700.JavaMail.jiratomcat@issues-vm> In-Reply-To: <1625098254.66.1337865715518.JavaMail.jiratomcat@issues-vm> Subject: [jira] [Comment Edited] (SOLR-3485) Make /browse (files and handlers) dependencies self URL-contained MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/SOLR-3485?page=3Dcom.atlassian.= jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=3D13282= 500#comment-13282500 ]=20 Rapha=C3=ABl Droz edited comment on SOLR-3485 at 5/24/12 1:34 PM: ------------------------------------------------------------- patch affects the example configuration : * changes the location of expected for jquery.autocomplete.* and main.css * creates the corresponding /browse/file solr.admin.ShowFileRequestHandler. It makes use of the patch provided in issue SOLR-1833 in order to provide a= ccess to the restricted set of files absolutely needed and explicitly allow= ed. =20 was (Author: drzraf): patch affects the example configuration : * changes the location of expected for jquery.autocomplete.* and main.css * creates the corresponding /browse/file solr.admin.ShowFileRequestHandler. It makes use of the patch provided in issue #SOLR-1833 in order to provide = access to the restricted set of files absolutely needed and explicitly allo= wed. =20 > Make /browse (files and handlers) dependencies self URL-contained > ----------------------------------------------------------------- > > Key: SOLR-3485 > URL: https://issues.apache.org/jira/browse/SOLR-3485 > Project: Solr > Issue Type: Improvement > Components: web gui > Affects Versions: 4.0 > Reporter: Rapha=C3=ABl Droz > Priority: Minor > Attachments: SOLR-3485-browse-static-files-URL-1.patch > > > Assuming that /browse may be, now or later, safe for a public use it woul= d be very useful to make it "self-contained" in a given URL pattern in orde= r to allow URL-based access restrictions. > There are 3 issues here : > * static files (css/js/img) > * external handlers like /terms, /clustering > * pattern switch between /browse/* and /collection1/browse/* > I only try to address the 1st issue, in the comment below. > If both /terms and /clustering are safe to be public, then issue 2 may be= omitted. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrato= rs: https://issues.apache.org/jira/secure/ContactAdministrators!default.jsp= a For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org For additional commands, e-mail: dev-help@lucene.apache.org