Versions Compared

Old Version 2

changes.mady.by.user Lukasz Lenart

Saved on

compared with

New Version 3

changes.mady.by.user Lukasz Lenart

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
xml
titleStaging Repository
xml
<repositories>
  <repository>
    <id>apache.nexus</id>
    <name>ASF Nexus Staging</name>
    <url>https://repository.apache.org/content/groups/staging/</url>
  </repository>
</repositories>

Internal Changes

  • Improves excluded params to avoid ClassLoader manipulation via ParametersInterceptor
  • Adds excluded params to CookieInterceptor to avoid ClassLoader manipulation when the interceptors is configured to accept all cookie names (wildcard matching via "*")
  • Upgrades Commons FileUpload to version 1.3.1 to prevent DoS attacks, more details can be found here and here
  • Excludes 'class' parameter name to avoid ClassLoader manipulation via ParametersInterceptor

Issue Detail

Issue List

Other resources

...