OS-3 fixing exploit to upload malicious apps through UI rest APIs

Change-Id: Ia5f14b6667d7843a80cccb2794e3de5038eaa0be
2025-10-24 13:51:27 +02:00 · 2017-05-05 09:08:11 -07:00 · 2017-05-05 09:08:11 -07:00 · b582df38ac
commit b582df38ac
parent 921593c4a3
1 changed files with 4 additions and 0 deletions
--- a/web/gui/src/main/webapp/WEB-INF/web.xml
+++ b/web/gui/src/main/webapp/WEB-INF/web.xml
@ -32,6 +32,10 @@
            <web-resource-name>Secured</web-resource-name>
            <url-pattern>/index.html</url-pattern>
        </web-resource-collection>
+        <web-resource-collection>
+            <web-resource-name>Secured API</web-resource-name>
+            <url-pattern>/rs/applications/*</url-pattern>
+        </web-resource-collection>
        <auth-constraint>
            <role-name>admin</role-name>
        </auth-constraint>