[ofbiz-framework] branch trunk updated: reverted: CLONE - Use only HTTPS in OFBiz

Mon, 04 May 2020 04:21:22 -0700 

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/trunk by this push:
     new fde21d0  reverted: CLONE - Use only HTTPS in OFBiz
fde21d0 is described below

commit fde21d0b106b94289371c5628d3f349d0b5001ee
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Mon May 4 13:21:03 2020 +0200

    reverted: CLONE - Use only HTTPS in OFBiz
    
    (OFBIZ-11643)
    
    Reverted, this needs more work
---
 framework/webapp/config/url.properties                    | 2 +-
 framework/webapp/dtd/site-conf.xsd                        | 7 +++++++
 framework/webtools/webapp/webtools/WEB-INF/controller.xml | 2 ++
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/framework/webapp/config/url.properties 
b/framework/webapp/config/url.properties
index 08cb9c5..15d0f53 100644
--- a/framework/webapp/config/url.properties
+++ b/framework/webapp/config/url.properties
@@ -22,7 +22,7 @@
 
 # If you want to use HTTP then set no.http=N. Else all requests will use HTTPS 
(also enforced by a HSTS header) except if put in the http.request-map.list  
 no.http=Y
-http.request-map.list=SOAPService,xmlrpc,viewShipmentLabel,worldPayNotify,payPalNotify
+http.request-map.list=SOAPService,xmlrpc,viewShipmentLabel
 
 # HTTPS Port (Secure port)
 port.https.enabled=Y
diff --git a/framework/webapp/dtd/site-conf.xsd 
b/framework/webapp/dtd/site-conf.xsd
index a9aa64d..01d0046 100644
--- a/framework/webapp/dtd/site-conf.xsd
+++ b/framework/webapp/dtd/site-conf.xsd
@@ -267,6 +267,13 @@ under the License.
         </xs:complexType>
     </xs:element>
     <xs:attributeGroup name="attlist.security">
+        <xs:attribute type="xs:boolean" name="https" default="false">
+            <xs:annotation>
+                <xs:documentation>
+                    If https=true, redirect to/use/generate the secured HTTPS 
protocol if necessary and possible.
+                </xs:documentation>
+            </xs:annotation>
+        </xs:attribute>
         <xs:attribute type="xs:boolean" name="auth" default="false">
             <xs:annotation>
                 <xs:documentation>
diff --git a/framework/webtools/webapp/webtools/WEB-INF/controller.xml 
b/framework/webtools/webapp/webtools/WEB-INF/controller.xml
index 74ae02b..72eec1e 100644
--- a/framework/webtools/webapp/webtools/WEB-INF/controller.xml
+++ b/framework/webtools/webapp/webtools/WEB-INF/controller.xml
@@ -92,11 +92,13 @@ under the License.
         <response name="error" type="none"/>
     </request-map>
     <request-map uri="SOAPService">
+        <security https="false"/>
         <event type="soap"/>
         <response name="error" type="none"/>
         <response name="success" type="none"/>
     </request-map>
     <request-map uri="xmlrpc" track-serverhit="false" track-visit="false">
+        <security https="false"/>
         <event type="xmlrpc"/>
         <response name="error" type="none"/>
         <response name="success" type="none"/>

Reply via email to