Wiki Markup |
{scrollbar} |
Security FAQ
Wiki Markup |
{float:right|background=""
{contentbylabel:title=Related Articles|showLabels=false|showSpace=false|space=@self|labels=security}
{float}
|
The built-in PageCatalog and ServiceStatus pages are visible in my production application and I don't want them to be, what can I do?
...
Sometimes, in production, a firewall or proxy may make it look like the client web browser originates from localhost; in that situation, you may want to disable the logic that puts localhost onto the whitelist. This determination is made by the contributions to the ClientWhitelist service. Tapestry makes a contribution with id "LocalhostOnly", which one of your modules can override:
Code Block |
@Contribute(ClientWhitelist.class)
public static void turnOffLocalhostInProduction(OrderedConfiguration<WhitelistAnalyzer> configuration,
@Symbol(SymbolConstants.PRODUCTION_MODE) boolean productionMode) {
if (productionMode) { configuration.override("LocalhostOnly", null); }
}
|
...