[ https://issues.apache.org/jira/browse/SLING-3829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14490309#comment-14490309 ]
Rob Ryan edited comment on SLING-3829 at 4/10/15 8:33 PM: ---------------------------------------------------------- [~asanso] in thinking about this filter I don't think it's rejection of asterisk to whitelist all mimetypes is appropriate. Given a subtree say /i/am/trusted with appropriate access controls one might wish to serve anything from it, *but* the same might not be said of /i/am/not/trusted... was (Author: rr...@adobe.com): [~asanso] in thinking about this filter I don't think it's rejection of ** to whitelist all mimetypes is appropriate. Given a subtree say /i/am/trusted with appropriate access controls one might wish to serve anything from it, *but* the same might not be said of /i/am/not/trusted... > Add support for Content-Disposition attachment > ----------------------------------------------- > > Key: SLING-3829 > URL: https://issues.apache.org/jira/browse/SLING-3829 > Project: Sling > Issue Type: Improvement > Components: Extensions > Reporter: Antonio Sanso > Assignee: Antonio Sanso > Priority: Minor > Fix For: Security 1.0.10 > > Attachments: ContentDispositionFilter.java, SLING-3829-patch.txt > > > In some situation will be useful (and safer) to force Content-Disposition > attachment for some Content-Type (configurable ) under some specific (and > sensitive) path (configurable) -- This message was sent by Atlassian JIRA (v6.3.4#6332)