From 5144fbb24c9c431dcb36789c04d9e6214d0b63e0 Mon Sep 17 00:00:00 2001 From: Stanislav Knot Date: Mon, 26 Feb 2018 17:49:25 +0100 Subject: [PATCH] ARTREMIS-1703 disable listing in web console --- .../activemq-branding/src/main/resources/WEB-INF/web.xml | 6 ++++++ .../artemis-plugin/src/main/resources/WEB-INF/web.xml | 6 ++++++ .../activemq/artemis/component/WebServerComponent.java | 3 ++- 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/artemis-hawtio/activemq-branding/src/main/resources/WEB-INF/web.xml b/artemis-hawtio/activemq-branding/src/main/resources/WEB-INF/web.xml index b9ba164384..3fd8b746be 100644 --- a/artemis-hawtio/activemq-branding/src/main/resources/WEB-INF/web.xml +++ b/artemis-hawtio/activemq-branding/src/main/resources/WEB-INF/web.xml @@ -48,6 +48,12 @@ ${plugin-scripts} + + Disable listing of directories and files + org.eclipse.jetty.servlet.Default.dirAllowed + false + + org.apache.activemq.hawtio.branding.PluginContextListener diff --git a/artemis-hawtio/artemis-plugin/src/main/resources/WEB-INF/web.xml b/artemis-hawtio/artemis-plugin/src/main/resources/WEB-INF/web.xml index b6c454e5d6..a75489c5d2 100644 --- a/artemis-hawtio/artemis-plugin/src/main/resources/WEB-INF/web.xml +++ b/artemis-hawtio/artemis-plugin/src/main/resources/WEB-INF/web.xml @@ -48,6 +48,12 @@ ${plugin-scripts} + + Disable listing of directories and files + org.eclipse.jetty.servlet.Default.dirAllowed + false + + org.apache.activemq.hawtio.plugin.PluginContextListener diff --git a/artemis-web/src/main/java/org/apache/activemq/artemis/component/WebServerComponent.java b/artemis-web/src/main/java/org/apache/activemq/artemis/component/WebServerComponent.java index d85d621807..dedbcfd7b6 100644 --- a/artemis-web/src/main/java/org/apache/activemq/artemis/component/WebServerComponent.java +++ b/artemis-web/src/main/java/org/apache/activemq/artemis/component/WebServerComponent.java @@ -110,7 +110,7 @@ public class WebServerComponent implements ExternalComponent { ResourceHandler resourceHandler = new ResourceHandler(); resourceHandler.setResourceBase(warDir.toString()); - resourceHandler.setDirectoriesListed(true); + resourceHandler.setDirectoriesListed(false); resourceHandler.setWelcomeFiles(new String[]{"index.html"}); DefaultHandler defaultHandler = new DefaultHandler(); @@ -120,6 +120,7 @@ public class WebServerComponent implements ExternalComponent { context.setContextPath("/"); context.setResourceBase(warDir.toString()); context.setHandler(resourceHandler); + context.setInitParameter("org.eclipse.jetty.servlet.Default.dirAllowed", "false"); handlers.addHandler(context); handlers.addHandler(defaultHandler);