Author: cziegeler Date: Wed Aug 3 16:47:37 2011 New Revision: 1153576 URL: http://svn.apache.org/viewvc?rev=1153576&view=rev Log: Update default list
Modified: sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java Modified: sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java?rev=1153576&r1=1153575&r2=1153576&view=diff ============================================================================== --- sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java (original) +++ sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java Wed Aug 3 16:47:37 2011 @@ -125,6 +125,7 @@ public class ReferrerFilter implements F referrers.add("https://localhost" + ":0"); referrers.add("https://127.0.0.1" + ":0"); referrers.add("https://[::1]" + ":0"); + referrers.add("https://[::1]" + ":0"); return referrers; } @@ -267,6 +268,10 @@ public class ReferrerFilter implements F if ( referrer.indexOf(":/") == - 1 ) { return true; } + // check for air referrer - which is always allowed + if ( referrer.startsWith("app:/") ) { + return true; + } final HostInfo info = getHost(referrer); if ( info == null ) {