1. 18 Mar, 2022 1 commit
  2. 17 Mar, 2022 1 commit
  3. 16 Mar, 2022 3 commits
  4. 15 Mar, 2022 2 commits
  5. 14 Mar, 2022 1 commit
  6. 09 Mar, 2022 4 commits
  7. 04 Mar, 2022 2 commits
  8. 03 Mar, 2022 4 commits
  9. 02 Mar, 2022 1 commit
  10. 28 Feb, 2022 2 commits
  11. 25 Feb, 2022 3 commits
  12. 23 Feb, 2022 2 commits
  13. 22 Feb, 2022 1 commit
  14. 16 Feb, 2022 2 commits
  15. 10 Feb, 2022 1 commit
  16. 08 Feb, 2022 3 commits
  17. 07 Feb, 2022 4 commits
    • Emmanuel Duchastenier's avatar
      feat(security): hide tomcat error report & version (#460) · 834ba214
      Emmanuel Duchastenier authored
      to mitigate returned info to possible malicious hacker
      
      Before:
      ```
      curl -i 'http://localhost:8080/bonita/login.jsp?redirectUrl=|'
      HTTP/1.1 400
      Content-Type: text/html;charset=utf-8
      Content-Language: fr
      Content-Length: 1950
      Date: Mon, 07 Feb 2022 15:10:05 GMT
      Connection: close
      
      <!doctype html><html lang="fr"><head><title>État HTTP 400 – Requête invalide</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>État HTTP 400 – Requête invalide</h1><hr class="line" /><p><b>Type</b> Rapport d'exception</p><p><b>message</b> Un caractère invalide a été trouvé dans la cible de la requête, les caractères valides sont définis dans RFC 7230 et RFC 3986</p><p><b>description</b> La requête envoyée par le client était syntaxiquement incorrecte.</p><p><b>exception</b></p><pre>java.lang.IllegalArgumentException: Un caractère invalide a été trouvé dans la cible de la requête, les caractères valides sont définis dans RFC 7230 et RFC 3986
          org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:494)
          org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:269)
          org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
          org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:895)
          org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1732)
          org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
          org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
          org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
          org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
          java.base&#47;java.lang.Thread.run(Thread.java:829)
      </pre><p><b>note</b> La trace complète de la cause mère de cette erreur est disponible dans les fichiers journaux de ce serveur.</p><hr class="line" /><h3>Apache Tomcat/9.0.56</h3></body></html>%                                                                             ╭─manu@laptop-manu ~/workspace/bonita-distrib-sp git:(security/hide_tomcat_version_in_bundle*)
      ```
      
      After:
      ```
      curl -i 'http://localhost:8080/bonita/login.jsp?redirectUrl=|'
      HTTP/1.1 400
      Content-Type: text/html;charset=utf-8
      Content-Language: fr
      Content-Length: 445
      Date: Mon, 07 Feb 2022 15:10:48 GMT
      Connection: close
      
      <!doctype html><html lang="fr"><head><title>État HTTP 400 – Requête invalide</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>État HTTP 400 – Requête invalide</h1></body></html>%
      ```
      
      Closes [RUNTIME-603](https://bonitasoft.atlassian.net/browse/RUNTIME-603)
      834ba214
    • abirembaut's avatar
      chore(i18n): add permission to upload script · b30e9519
      abirembaut authored
      b30e9519
    • danila_mazour's avatar
      fix(resources): restore deleted resources files (#459) · dfdf936e
      danila_mazour authored
      
      
      * fix(resources): restore deleted resources files
      
      The files were deleted by 3210c124d7c6d9518a5fb259e5898afae1f0df96
      
      Restore them, as they are apparently needed by the build procedure.
      
      * Delete app-details.less
      
      Co-authored-by: default avatarabirembaut <anthony.birembaut@gmail.com>
      dfdf936e
    • abirembaut's avatar
      Merge branch 'master' into dev · 03f59723
      abirembaut authored
      03f59723
  18. 02 Feb, 2022 3 commits