[
https://issues.apache.org/jira/browse/WICKET-6703?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16939767#comment-16939767
]
Emond Papegaaij commented on WICKET-6703:
-
Yes, but that would really limit the attacker to
[
https://issues.apache.org/jira/browse/WICKET-6704?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16939733#comment-16939733
]
Sven Meier commented on WICKET-6704:
You've written it in your code comments already: This is weird!
[
https://issues.apache.org/jira/browse/WICKET-6703?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16939636#comment-16939636
]
Sven Meier commented on WICKET-6703:
Thanks [~papegaaij] , but in case of Wicket I don't see a
The Buildbot has detected a restored build on builder wicket-master while
building wicket. Full details are available at:
https://ci.apache.org/builders/wicket-master/builds/1173
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: bb_slave1_ubuntu
Build Reason: The
[
https://issues.apache.org/jira/browse/WICKET-6682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sven Meier resolved WICKET-6682.
Fix Version/s: (was: 9.0.0-M3)
9.0.0-M4
Resolution: Fixed
CSP
The Buildbot has detected a restored build on builder wicket-master-java13
while building wicket. Full details are available at:
https://ci.apache.org/builders/wicket-master-java13/builds/128
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: bb_slave1_ubuntu
Build Reason: The
The Buildbot has detected a restored build on builder wicket-master-java14
while building wicket. Full details are available at:
https://ci.apache.org/builders/wicket-master-java14/builds/37
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: bb_slave1_ubuntu
Build Reason: The
The Buildbot has detected a restored build on builder wicket-master-java12
while building wicket. Full details are available at:
https://ci.apache.org/builders/wicket-master-java12/builds/132
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: bb_slave1_ubuntu
Build Reason: The
[
https://issues.apache.org/jira/browse/WICKET-6682?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16939575#comment-16939575
]
ASF subversion and git services commented on WICKET-6682:
-
Commit
This is an automated email from the ASF dual-hosted git repository.
svenmeier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/master by this push:
new 3106380 WICKET-6682 added license headers
The Buildbot has detected a new failure on builder wicket-master while building
wicket. Full details are available at:
https://ci.apache.org/builders/wicket-master/builds/1172
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: bb_slave1_ubuntu
Build Reason: The
The Buildbot has detected a new failure on builder wicket-master-java14 while
building wicket. Full details are available at:
https://ci.apache.org/builders/wicket-master-java14/builds/36
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: bb_slave1_ubuntu
Build Reason: The
The Buildbot has detected a new failure on builder wicket-master-java12 while
building wicket. Full details are available at:
https://ci.apache.org/builders/wicket-master-java12/builds/131
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: bb_slave1_ubuntu
Build Reason: The
[
https://issues.apache.org/jira/browse/WICKET-6682?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16939412#comment-16939412
]
ASF subversion and git services commented on WICKET-6682:
-
Commit
[
https://issues.apache.org/jira/browse/WICKET-6682?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16939413#comment-16939413
]
ASF subversion and git services commented on WICKET-6682:
-
Commit
This is an automated email from the ASF dual-hosted git repository.
svenmeier pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git.
from 0a1c335 WICKET-6701 configurable content disposition
new a1a53a9 WICKET-6682 CSP must use 'strict-dynamic'
This is an automated email from the ASF dual-hosted git repository.
svenmeier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
commit 5d99df322d62e3ea8a443d2f90dfac03a708dbb5
Author: Sven Meier
AuthorDate: Fri Sep 27 14:38:19 2019 +0200
This is an automated email from the ASF dual-hosted git repository.
svenmeier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
commit a1a53a9d8da0e06520ff68d58b3f4dd64d329a9f
Author: Sven Meier
AuthorDate: Fri Sep 27 12:40:55 2019 +0200
[
https://issues.apache.org/jira/browse/WICKET-6682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sven Meier reopened WICKET-6682:
This doesn't work for JS/Css resources added via Ajax yet. We'll have to add
'strict-dynamic' to the
[
https://issues.apache.org/jira/browse/WICKET-6703?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16939351#comment-16939351
]
Emond Papegaaij commented on WICKET-6703:
-
Yes, this is more secure. Remember that this is about
Joe K created WICKET-6704:
-
Summary: JavaSerializer.serialize causes the JVM crash !
Key: WICKET-6704
URL: https://issues.apache.org/jira/browse/WICKET-6704
Project: Wicket
Issue Type: Bug
[
https://issues.apache.org/jira/browse/WICKET-6703?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sven Meier reassigned WICKET-6703:
--
Assignee: Sven Meier
> Eliminate window.eval from wicket-ajax-jquery
>
[
https://issues.apache.org/jira/browse/WICKET-6703?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16939162#comment-16939162
]
Sven Meier commented on WICKET-6703:
[~Kondratev] Good to have this as a separate issue now.
Some
[
https://issues.apache.org/jira/browse/WICKET-6688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sven Meier updated WICKET-6688:
---
Description:
Some kind of RPC could be added to -eliminate 'unsafe-eval' in CSP headers- for
24 matches
Mail list logo