svn commit: r1153576 - /sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java

[cziegeler]

Author: cziegeler
Date: Wed Aug  3 16:47:37 2011
New Revision: 1153576

URL: http://svn.apache.org/viewvc?rev=1153576&view=rev
Log:
Update default list

Modified:
    
sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java

Modified: 
sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
URL: 
http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java?rev=1153576&r1=1153575&r2=1153576&view=diff
==============================================================================
--- 
sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
 (original)
+++ 
sling/trunk/contrib/extensions/security/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
 Wed Aug  3 16:47:37 2011
@@ -125,6 +125,7 @@ public class ReferrerFilter implements F
         referrers.add("https://localhost"; + ":0");
         referrers.add("https://127.0.0.1"; + ":0");
         referrers.add("https://[::1]"; + ":0");
+        referrers.add("https://[::1]"; + ":0");
         return referrers;
     }
 
@@ -267,6 +268,10 @@ public class ReferrerFilter implements F
         if ( referrer.indexOf(":/") == - 1 ) {
             return true;
         }
+        // check for air referrer - which is always allowed
+        if ( referrer.startsWith("app:/") ) {
+            return true;
+        }
 
         final HostInfo info = getHost(referrer);
         if ( info == null ) {