New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use custom Grizzly error page to prevent XSS #3428

Merged
merged 2 commits into from Jan 25, 2017

Conversation

Projects
None yet
2 participants
@edmundoa
Member

edmundoa commented Jan 25, 2017

Fixes #3171
Backport of #3172

joschi and others added some commits Dec 9, 2016

Do not start the HTTP server immediately
Otherwise the custom default error page is never set up.

@edmundoa edmundoa added this to the 2.1.3 milestone Jan 25, 2017

@joschi joschi self-assigned this Jan 25, 2017

@joschi

joschi approved these changes Jan 25, 2017

@joschi joschi merged commit 894cadc into 2.1 Jan 25, 2017

4 checks passed

ci-web-linter Jenkins build graylog-pr-linter-check 1322 has succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
licence/cla Contributor License Agreement is signed.
Details

@joschi joschi deleted the backport-issue-3171 branch Jan 25, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment