[
https://issues.apache.org/jira/browse/TIKA-4760?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18091374#comment-18091374
]
Hudson commented on TIKA-4760:
------------------------------
SUCCESS: Integrated in Jenkins build Tika ยป tika-branch_3x-jdk11 #2492 (See
[https://ci-builds.apache.org/job/Tika/job/tika-branch_3x-jdk11/2492/])
TIKA-4760 for 3x (tallison:
[https://github.com/apache/tika/commit/a365b1d465b6aa33b4bc6e428294ea2be04b28fc])
* (edit) CHANGES.txt
* (edit)
tika-server/tika-server-core/src/main/java/org/apache/tika/server/core/TikaServerProcess.java
* (edit)
tika-core/src/main/java/org/apache/tika/pipes/fetcher/FetcherManager.java
* (edit)
tika-server/tika-server-core/src/test/java/org/apache/tika/server/core/TikaServerConfigTest.java
* (edit) tika-core/src/main/java/org/apache/tika/config/ConfigBase.java
* (edit)
tika-server/tika-server-core/src/test/resources/configs/tika-config-server-emitter.xml
* (edit)
tika-server/tika-server-core/src/test/resources/configs/tika-config-server-basic.xml
* (edit)
tika-server/tika-server-core/src/main/java/org/apache/tika/server/core/TikaServerConfig.java
* (add)
tika-server/tika-server-core/src/test/resources/configs/tika-config-server-pipes-no-unsecure.xml
> Require enableUnsecureFeatures for /pipes /async and /status
> ------------------------------------------------------------
>
> Key: TIKA-4760
> URL: https://issues.apache.org/jira/browse/TIKA-4760
> Project: Tika
> Issue Type: Task
> Reporter: Tim Allison
> Priority: Major
>
> We made the assumption that if a user specified /pipes in the config, that
> they knew they were taking on non-secure behavior and that they should be
> extra careful in allowing access to the server.
> We should require users to select {{enableUnsecureFeatures}} even if they
> specify /pipes.
> We should do this in 3.x and 4.x.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)