[go: up one dir, main page]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

System properties to harden file reading/writing, http behavior #1213

Merged
merged 12 commits into from
Nov 25, 2023
Merged

System properties to harden file reading/writing, http behavior #1213

merged 12 commits into from
Nov 25, 2023

Conversation

tresf
Copy link
Contributor
@tresf tresf commented Nov 8, 2023
edited

Should be merged AFTER #1190 so that Company Branded builds can toggle the properties as-needed.

Addresses:

Adds new properties to modify / re-enable this behavior:

  • security.data.protocols [http,https]
  • security.print.tofile [false]
  • security.wss.httpsonly [false]
  • security.wss.snistrict [false]
[ERROR] 2023-11-07T22:28:52,419 @ qz.utils.ConnectionUtilities:48
	URL 'file:////text.txt' is not a valid [http,https] location.  Configure property 'security.data.protocols' to modify this behavior.

[ERROR] 2023-11-07T22:26:05,105 @ qz.printer.action.PrintRaw:407
	Printing to file 'test.txt' is not permitted.  Configure property 'security.print.tofile' to modify this behavior.

[ERROR] 2023-11-07T22:29:06,109 @ qz.common.App:123
	Server started on port(s): 8181

@tresf tresf requested a review from akberenz November 8, 2023 03:35
@tresf tresf mentioned this pull request Nov 23, 2023
Merged
33 tasks
@tresf tresf changed the title Restrict file reading/writing System properties to harden file reading/writing, http behavior Nov 23, 2023
akberenz
akberenz approved these changes Nov 25, 2023
View reviewed changes
src/qz/utils/ConnectionUtilities.java Outdated Show resolved Hide resolved
@tresf tresf merged commit e329cb4 into master Nov 25, 2023
12 checks passed
@tresf tresf deleted the file-security branch November 25, 2023 15:47
This was referenced Nov 25, 2023
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akberenz akberenz akberenz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@tresf @akberenz