Apache
/
lucene
mirror of https://github.com/apache/lucene.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
32,510 Commits 29 Branches 469 Tags 832 MiB
Commit Graph

26 Commits

Author SHA1 Message Date
Kevin Risden 7ad7bbe05c
SOLR-13987: Admin UI should not rely on javascript eval() 
* Removes `'unsafe-eval'` from CSP `script-src`
* Enables Angular CSP mode
* Removes `eval()` JSON parsing in `cloud.js`
* Removes `jstree` themes error

Signed-off-by: Kevin Risden <krisden@apache.org>
 2019-12-07 16:52:19 -05:00
Robert Muir 55b77358cf SOLR-13982: set security-related http response headers by default 
Unfortunately, as a first start this is very weak protection against
e.g. XSS.  This is because some 'unsafe-xxx' rules must be present due
to the insecurity of angular JS: Until SOLR-13987 is fixed, XSS & co are
still easy.
 2019-12-03 06:18:11 -05:00
Cao Manh Dat 494d823e9d SOLR-13798: SSL: Adding Enabling/Disabling client's hostname verification config 2019-09-30 16:31:11 +01:00
Uwe Schindler e1901aaabb SOLR-13409: Disable HTML directory listings in admin interface to prevent possible security issues 2019-04-17 11:05:24 +02:00
Cao Manh Dat f80e8e1167 Merge jira/http2 branch to master 2018-12-16 16:58:20 +00:00
Jan Høydahl a3fc31e5d2 Remove unnecessary XML exclusions as Jetty handles these by default (janhoy) 2018-10-18 16:38:52 +02:00
Mark Miller 5e2a5a5b8c SOLR-10783: Add support for Hadoop Credential Provider as SSL/TLS store password source. 2018-04-09 21:57:56 -05:00
Erick Erickson 2900bb597d SOLR-11810: Upgrade Jetty to 9.4.8 2018-01-17 11:33:22 -08:00
Ishan Chattopadhyaya c8e0e939e4 SOLR-11183: V2 APIs are now available at /api endpoint 2017-08-20 21:00:15 +05:30
Chris Hostetter fb3d3f1c92 SOLR-10791: Remove deprecated options in SSLTestConfig 2017-06-01 10:50:58 -07:00
Mark Miller 0fb89f17e1 SOLR-10307: Allow Passing SSL passwords through environment variables. 2017-05-16 14:19:16 -03:00
Cao Manh Dat 0fb386a864 SOLR-8045: Deploy V2 API at /v2 instead of /solr/v2 2017-03-11 10:30:52 +07:00
Andrzej Bialecki 8bbdb6248c Squashed commit of branch 'feature/metrics', containing: 
SOLR-4735: Improve Solr metrics reporting
    SOLR-9812: Implement /admin/metrics API
    SOLR-9805: Use metrics-jvm library to instrument jvm internals
    SOLR-9788: Use instrumented jetty classes
 2016-12-20 09:31:24 +01:00
Kevin Risden bf424d1ec1 SOLR-9728: Ability to specify Key Store type in solr.in file for SSL 2016-11-28 09:52:02 -06:00
markrmiller ce172acb8f SOLR-4509: Move to non deprecated HttpClient impl classes to remove stale connection check on every request and move connection lifecycle management towards the client. 2016-04-01 12:21:59 -04:00
Shalin Shekhar Mangar 093d86901b SOLR-4839: Disable SSLv3 (POODLE) by default from our SSL config. Also added credits for Steve Rowe and Steve Davids. 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1676354 13f79535-47bb-0310-9956-ffa450edef68
 2015-04-27 18:09:51 +00:00
Shalin Shekhar Mangar c3185b5489 SOLR-4839: Separate jetty and client specific SSL properties 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1676102 13f79535-47bb-0310-9956-ffa450edef68
 2015-04-26 12:44:20 +00:00
Shalin Shekhar Mangar 299ddc5abe SOLR-4839: SSL support with Jetty 9. Also fixes SOLR-7449 on trunk. 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1675619 13f79535-47bb-0310-9956-ffa450edef68
 2015-04-23 14:17:35 +00:00
Shalin Shekhar Mangar 9464d2afb7 SOLR-4839: Make our jetty configs resemble stock Jetty 9.3 configs more closely. Thread pool and common config goes to jetty.xml. All property names are prefixed with solr.jetty. SSL keystore paths are now absolute. 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1675337 13f79535-47bb-0310-9956-ffa450edef68
 2015-04-22 11:35:31 +00:00
Chris M. Hostetter b17ed54025 SOLR-7240: '/' redirects to '/solr/' for convinience 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1669431 13f79535-47bb-0310-9956-ffa450edef68
 2015-03-26 20:51:23 +00:00
Steven Rowe ab8d012df6 SOLR-7008: Exclude server/etc/solrtest.keystore and create-solrtest.keystore.sh from the binary release packages 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1653551 13f79535-47bb-0310-9956-ffa450edef68
 2015-01-21 15:11:39 +00:00
Shalin Shekhar Mangar 27b5e4988f SOLR-4839: Remove jetty.port from start.ini and add default inside jetty-http.xml 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1649584 13f79535-47bb-0310-9956-ffa450edef68
 2015-01-05 16:43:46 +00:00
Shalin Shekhar Mangar 0d2c19d505 SOLR-4839: Removing extra license text from jetty xml and module files 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1649571 13f79535-47bb-0310-9956-ffa450edef68
 2015-01-05 16:23:02 +00:00
Shalin Shekhar Mangar a41b9954d1 SOLR-4839: Upgrade to Jetty 9 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1649552 13f79535-47bb-0310-9956-ffa450edef68
 2015-01-05 15:45:58 +00:00
Steven Rowe 2189b7a761 LUCENE-6134: fix typos: it's->its, its->it's, etc. 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1647735 13f79535-47bb-0310-9956-ffa450edef68
 2014-12-24 05:48:58 +00:00
Timothy Potter 05ad610074 SOLR-3619: Rename 'example' dir to 'server' 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1635666 13f79535-47bb-0310-9956-ffa450edef68
 2014-10-31 04:30:52 +00:00