[
https://issues.apache.org/jira/browse/TAP5-2601?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thiago H. de Paula Figueiredo resolved TAP5-2601.
-------------------------------------------------
Resolution: Implemented
A new service, `ClasspathAssetProtectionRule`, which receives contributions of
`ClasspathAssetProtectionRule`
instances, was created to you can easily add rules to block requests to
classpath assets according to your
security needs.
Three rules are added out-of-the-box and may be overriden:
* `ClassFile`: blocks access to assets with `.class` endings (case insensitive).
* `PropertiesFile`: blocks access to assets with `.properties` endings (case
insensitive).
* `XMLFile`: blocks access to assets with `.xml` endings (case insensitive).
> Add configurable service to block access to classpath assets
> ------------------------------------------------------------
>
> Key: TAP5-2601
> URL: https://issues.apache.org/jira/browse/TAP5-2601
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.5.0, 5.4.3
> Reporter: Thiago H. de Paula Figueiredo
> Assignee: Thiago H. de Paula Figueiredo
> Priority: Major
> Labels: features
>
> There's no built-in way in Tapestry of blocking access to classpath assets,
> so we should create a new service we can contribute blocking rules.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
