[dspace-tech] Re: Apache Commons Text vulnerability

2022-10-20 Thread Edmund Balnaves
The vulnerability centres on use of the StringSubstitutor from an unfiltered input. It looks from the source that the function is used for substitutions derived from dspace configuration files. On an initial review, as long as these config files are well-governed dspace7 should be safe in the

[dspace-tech] Re: handle server quits after ubuntu upgrade

2022-11-12 Thread Edmund Balnaves
This is a problem with the latest release of java (openjdk version "1.8.0_352"). It has now removed the deprecated class runFinalizersOnExit. This class is used by the embedded handle.net jar classes to provide the resolver functions for the handle server. This is distributed via the maven

[dspace-tech] Re: handle server quits after ubuntu upgrade

2022-11-14 Thread Edmund Balnaves
The compiled handle.jar file is available at https://release.prosentient.com.au/handle62/handle.jar.gz It can be used to replace the handle-6.2.jar reference in the dspace 6.4 build or copied directly to the target directories - particularly of course lib ./lib/handle-

[dspace-tech] Re: CORS errors using NGINX Reverse Proxy

2022-11-17 Thread Edmund Balnaves
As with apache as a reverse proxy, you will probably find that you need to set the X-Forwarded-Proto to preserve the inbound https in the responses. In our apache reverse proxy we use RequestHeader set X-Forwarded-Proto https I believe the following will help with nginx proxy_set_header X-For

[dspace-tech] Re: CORS errors using NGINX Reverse Proxy

2022-11-18 Thread Edmund Balnaves
You will need to implement https unless you are running in a local network. On Friday, November 18, 2022 at 10:37:16 PM UTC+11 mcasals...@gmail.com wrote: > Right now I'm using http, haven't tried https yet. So I don't think it > will be the case. > > Thanks for commenting > > El dia dijous, 17

Re: [dspace-tech] High traffic / DDoS / fail2ban

2023-01-19 Thread Edmund Balnaves
invalid and maliciously crafted urls. Edmund Balnaves Prosentient Systems https://www.prosentient.com.au On Friday, January 20, 2023 at 12:27:24 AM UTC+11 Mark H. Wood wrote: > On Thu, Jan 19, 2023 at 11:50:03AM +0100, Florian Wille wrote: > > my DSpace (6.3) Site usually gets aro

[dspace-tech] Re: Bulk download of filtered items (PDF)

2023-02-22 Thread Edmund Balnaves
That's not a feature in DSpace. It requires UI customization to achieve this to create a "cart" and download. On Thursday, February 23, 2023 at 7:55:11 AM UTC+11 Benneth wrote: > Please, in Dspace 5, how can you download bulk PDFs from a filtered > search result ie after the search are di

[dspace-tech] Re: local.cfg not loading after a change

2023-05-16 Thread Edmund Balnaves
It looks like your angular config settings may be incorrect - the angular is calling the api server on port 8080. Edmund On Tuesday, May 16, 2023 at 9:20:02 PM UTC+10 Manuel Congosto wrote: > Hello! > > So I finally have the backend and the front end running on SSL, however I > am getting the

Re: [dspace-tech] Is it possible rsync an assetstore between current and new servers

2023-05-18 Thread Edmund Balnaves
and of course you must keep the database in sync with the assets: copy and upgrade the dspace 5 prod database. Edmund On Friday, May 19, 2023 at 4:18:59 PM UTC+10 Sean Carte wrote: > For what it's worth, that's exactly what I would do. > > Sean > > On Thu, 18 May 2023 at 18:08, cpgr...@gmai

[dspace-tech] Filter search fails in DSpace 7.5 Author and Subject browse.

2023-05-25 Thread Edmund Balnaves
We have implemented a server with DSpace 7.5 api & angular interface. The browse menu filter function was not working with DSpace 7.5 (but works ok in earlier versions). To reproduce: -Use the All communities author or subject browse. -Use the browse within to search within the author/subject li

[dspace-tech] Re: DSpace 7 on production - poor performance

2023-06-26 Thread Edmund Balnaves
e (and impressive) migration that has been completed from DSpace 6. The new version is a very fresh and nice design, and the new API is nice. Edmund Balnaves Prosentient Systems On Tuesday, June 27, 2023 at 5:57:38 AM UTC+10 Karol wrote: > Hi, > > I have implemented dspace7 in productio

[dspace-tech] Re: Dspace 7.5 performance

2023-07-11 Thread Edmund Balnaves
I don't know how your proxy is wired up, but I got a benefit from binding the external host name in /etc/hosts to the internal IP - that kept a lot of API traffic from hitting the external interface. The home page generates a lot of API calls. On my server the ratio is 1 page : 10 API calls over

Re: [dspace-tech] High CPU usage in DSpace 7.6 leading to server issues, lots of errors/examples (crossposted from Slack)

2024-03-05 Thread Edmund Balnaves
approach. Edmund Balnaves Prosentient Systems On Tuesday, March 5, 2024 at 10:22:23 PM UTC+11 Majo wrote: > Hello Carolyn Sullivan. > > I would like to offer a few points I noticed. I was responsible for > deploying > one instance of DSpace and I am quite familiar with problem

[dspace-tech] Re: Assistance with Retroactive Collection Policies in DSpace

2024-04-02 Thread Edmund Balnaves
Unfortunately, bulk policy management did not make it into DSpace until the 7.6 release. This function allows you to retrospectively change the policy on all items and/or bitstreams (a standard feature of DSpace 6). ./dspace/bulk-access-control -h usage: bulk-access-control -e,--eperson

[dspace-tech] Re: SOLR vulnerabilities in v6 (and v5!)?

2024-04-11 Thread Edmund Balnaves
As long as you are not exposing the DSpace SOLR to the public web interface, the scope of this issue is limited. You should however at least take the upgrade to DSpace 6.4. Edmund On Thursday, April 11, 2024 at 9:52:16 PM UTC+10 Michael White wrote: > Hi, > > > > We have 2 DSpace reposit

[dspace-tech] Re: Dspace 1.4.2 - host of issues

2024-06-04 Thread Edmund Balnaves
it is quite a technical task. Edmund Balnaves Prosentient Systems On Tuesday, June 4, 2024 at 9:10:41 AM UTC+10 Deborah wrote: > Hello, > > At our very small university library we are at the very beginning stages > of trying to fix, upgrade, change our situation with our I

[dspace-tech] Workflow issue when bitstreams are in S3 storage

2024-08-21 Thread Edmund Balnaves
m missing? IMHO the whole workflow process needs a rewrite - it only really works well when there are only a few simple items in the workflow. Edmund Balnaves -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.asp

[dspace-tech] Re: handle prefix redirects in 7.6.2

2024-09-03 Thread Edmund Balnaves
Hi Louis Assuming you are using an Apache proxy you should be able to use a rewrite directive to redirect links coming into the server with the old prefix, redirecting to the new handle prefix and dspace7 handle location e.g. something like RewriteRule ^/handle/123456789/(.*) /handle/myregiste

[dspace-tech] CSV injection vulnerability affecting DSpace (including v8)

2024-10-16 Thread Edmund Balnaves
In reviewing the issue of CSV injection across our applications it looks like DSpace including current versions is affected by this issue. The issue is well described on the web. Essentially if a user submits a document with a field value which could be interpreted as a function, the CSV expor

[dspace-tech] Re: DSpace 7 indexing by Google Scholar fails ...

2025-02-05 Thread Edmund Balnaves
- The "GPSS" - A proposed new tool for use in General Practice for risk assessment of Obstructive Sleep Apnoea.", "author": { "@type": "Person", "name": "Howarth, Timothy" }, "datePublished": " 2024-11-21",

Re: [dspace-tech] Alibaba Cloud Traffic -- to block or not?

2025-04-27 Thread Edmund Balnaves
Unfortunately, Alibaba is not the only, nor even the worst, culprit. We see bots accessing with IP ranges across the globe. You will end up with a very large list of blocked ranges. Very few advertise a proper agent string. It would be nice if one list of IP ranges did the trick but th

[dspace-tech] Re: Alibaba Cloud Traffic -- to block or not?

2025-04-23 Thread Edmund Balnaves
We have seen this also. It seems like AI-content harvesting. Unfortunately these robots that do not honour the robots.txt and are poor crawlers, so they not only hit the server from multiple IP addresses. They typically have an anonymous user-agent string. They also get stuck in an endless