| [sw360-dev] Necessary change for proxies in order to get the current master to work |
|
Hi, due to the beginning of modularization of _javascript_ code in the
application there are some _javascript_ files that contains service
names like 'components', 'vulnerabilities', etc in their path. These names were forbidden in the URL to prevent direct access to
these services. However the matching was not just at the beginning
of a URL but anywhere along the path. Thus, URLs like /js/components/ were also forbidden. In order to allow such URLs but keep the protection for the thrift services the match must be adapted to the beginning of the URL only. Example for nginx (new settings): location ~*
^/(manager|attachments|bdpimport|components|cvesearch|fossology|layouttpl|licenseinfo|licenses|moderation|projects|schedule|search|users|vendors|vulnerabilities)/
{ The '^' at the beginning of the _expression_ was added and enforces to match at the beginning of the URL. The deployment projects sw360vagrant as well as sw360-chores have already been updated accordingly. Please redeploy your nginx container in case of _javascript_ errors like the following:
Best regards -- Leo von Klenze Geschäftsführer +49 176 10072624 Scansation GmbH www.scansation.de Zielstattstr. 133, 81379 München Geschäftsführer: Andreas Klett, Leo von Klenze Amtsgericht München, HRB 227036 |
