Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

System properties to harden file reading/writing, http behavior #1213

Merged
merged 12 commits into from
Nov 25, 2023

Conversation

tresf
Copy link
Contributor

@tresf tresf commented Nov 8, 2023

Should be merged AFTER #1190 so that Company Branded builds can toggle the properties as-needed.

Addresses:

Adds new properties to modify / re-enable this behavior:

  • security.data.protocols [http,https]
  • security.print.tofile [false]
  • security.wss.httpsonly [false]
  • security.wss.snistrict [false]
[ERROR] 2023-11-07T22:28:52,419 @ qz.utils.ConnectionUtilities:48
	URL 'file:////text.txt' is not a valid [http,https] location.  Configure property 'security.data.protocols' to modify this behavior.
[ERROR] 2023-11-07T22:26:05,105 @ qz.printer.action.PrintRaw:407
	Printing to file 'test.txt' is not permitted.  Configure property 'security.print.tofile' to modify this behavior.
[ERROR] 2023-11-07T22:29:06,109 @ qz.common.App:123
	Server started on port(s): 8181

@tresf tresf requested a review from akberenz November 8, 2023 03:35
@tresf tresf mentioned this pull request Nov 23, 2023
33 tasks
@tresf tresf changed the title Restrict file reading/writing System properties to harden file reading/writing, http behavior Nov 23, 2023
src/qz/utils/ConnectionUtilities.java Outdated Show resolved Hide resolved
@tresf tresf merged commit e329cb4 into master Nov 25, 2023
12 checks passed
@tresf tresf deleted the file-security branch November 25, 2023 15:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants