This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch release24.09
in repository https://gitbox.apache.org/repos/asf/ofbiz-plugins.git
The following commit(s) were added to refs/heads/release24.09 by this push:
new d506f8f8f Improved: Better secure "openSourceFile" request-map
(OFBIZ-13316)
d506f8f8f is described below
commit d506f8f8f75e5864d52481b12cc725e4910b8a5c
Author: Jacques Le Roux <[email protected]>
AuthorDate: Wed Nov 19 17:58:01 2025 +0100
Improved: Better secure "openSourceFile" request-map (OFBIZ-13316)
See OFBIZ-12018
---
ecommerce/webapp/ecommerce/WEB-INF/controller.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ecommerce/webapp/ecommerce/WEB-INF/controller.xml
b/ecommerce/webapp/ecommerce/WEB-INF/controller.xml
index 1992d9d73..3d7fa706b 100644
--- a/ecommerce/webapp/ecommerce/WEB-INF/controller.xml
+++ b/ecommerce/webapp/ecommerce/WEB-INF/controller.xml
@@ -185,7 +185,7 @@ under the License.
<!-- open the corresponding FTL file with IDE when the named border is
clicked from browser -->
<request-map uri="openSourceFile">
- <security https="false" auth="false"/>
+ <security https="true" auth="true"/>
<event type="java" path="org.apache.ofbiz.common.CommonEvents"
invoke="openSourceFile"/>
<response name="success" type="none" />
<response name="error" type="none" />
