aboutsummaryrefslogtreecommitdiffstats
path: root/jdisc-security-filters/src/main/java/com/yahoo/jdisc
Commit message (Collapse)AuthorAgeFilesLines
* Misc improvementsBjørn Christian Seime2023-06-151-11/+18
| | | | | | | Remove duplicate unit tests. Improve symbol names. Use `Map` to simplify code and reduce cost. Introduce constant for the number of bytes in token check hash. Improve code comments.
* Improve validation of configBjørn Christian Seime2023-06-151-1/+13
| | | | Verify that at least one client definition requires certificate. Add note on legacy mode.
* Support tokens in Cloud data plane filterBjørn Christian Seime2023-06-141-16/+89
|
* Allow subdomains in CORS filtersValerij Fredriksen2023-06-063-21/+45
|
* Move metrics definitions to metrics:ai.vespa.metricsgjoranv2023-05-082-3/+3
|
* Use enums for remaining container metrics.yngveaasheim2023-03-151-2/+3
|
* Use ContainerMetrics enum more placesYngve Aasheim2023-01-201-2/+3
|
* Revert "Revert collect(Collectors.toList())"Henning Baldersheim2022-12-042-2/+2
|
* Revert collect(Collectors.toList())Henning Baldersheim2022-12-042-2/+2
|
* collect(Collectors.toList()) -> toList()Henning Baldersheim2022-12-022-2/+2
|
* Move config to configdefinitionsMorten Tokle2022-11-221-0/+1
|
* Introduce Cloud data plane security filterBjørn Christian Seime2022-11-222-0/+153
|
* Cleanup RequestResourceMapper APIBjørn Christian Seime2022-11-152-9/+3
|
* remove obsolete codeMorten Tokle2022-11-112-25/+6
|
* Revert "remove obsolete code"Henning Baldersheim2022-11-102-6/+25
|
* remove obsolete codeMorten Tokle2022-11-102-25/+6
|
* Prevent browser API cachingMorten Tokle2022-10-252-2/+1
|
* Prevent browsers caching api responsesMorten Tokle2022-10-241-0/+1
|
* Allow 'Vespa-Csrf-Token' headerBjørn Christian Seime2022-09-261-1/+2
|
* compare oranges with orangesAndreas Eriksen2022-08-171-1/+1
|
* Add Referrer-Policy headerMorten Tokle2022-08-011-0/+1
|
* Move rule-based-filter config to configdefinitions module/bundlegjoranv2022-07-272-9/+2
| | | | | | | .. to remove import-package from config-model to jdisc-security-filters. - Keep the old config def for a while in case it's needed by hosted Vespa config models.
* Add x-frame-optionsMorten Tokle2022-06-281-0/+1
|
* Fix javadocValerij Fredriksen2022-06-271-2/+2
|
* Create CSP response filterValerij Fredriksen2022-06-272-0/+37
|
* Use '@Inject' from 'annotations' in multiple bundlesBjørn Christian Seime2022-05-066-6/+6
|
* Move User from controller-api to jdisc-security-filtersBjørn Christian Seime2022-04-272-0/+103
|
* Add comment about why there is no path segment validation in rule filterjonmv2022-04-111-0/+2
|
* Only create Path if there are any patterns to match againstjonmv2022-04-111-2/+1
|
* Avoid segment validation in rule based filterjonmv2022-04-111-1/+1
|
* Support custom JSON + error code as stringBjørn Christian Seime2021-11-161-18/+41
|
* Update 2020 Oath copyrights.gjoranv2021-10-271-1/+1
|
* Update 2019 Oath copyrights.gjoranv2021-10-271-1/+1
|
* Update Verizon Media copyright notices.gjoranv2021-10-072-2/+2
|
* Update 2018 copyright notices.gjoranv2021-10-0715-15/+15
|
* Remove null dimension valuesMorten Tokle2021-06-111-0/+2
|
* Add request and acl mapping values as metric dimensionsMorten Tokle2021-06-112-17/+73
|
* Return request origin when wildcard is allowedValerij Fredriksen2021-05-111-14/+7
|
* Remove corse filter base class that is no longer relevantBjørn Christian Seime2021-05-071-41/+0
|
* Allow wildcard in allowedUrls for CorsPreflightRequestFilterValerij Fredriksen2021-05-061-1/+3
|
* Custom acl mappingMorten Tokle2021-04-152-1/+9
|
* Ignore access token header if client has Athenz role certificateBjørn Christian Seime2021-03-021-8/+36
|
* Add configurable response headers for blocked requestsBjørn Christian Seime2021-02-231-4/+13
|
* Add rule based request filterBjørn Christian Seime2021-02-171-0/+118
|
* Add config definition for rule based security filterBjørn Christian Seime2021-02-161-0/+8
|
* Athenz jdisc filter: support proxied access token from trusted peerBjørn Christian Seime2021-02-111-3/+21
|
* Ignore null headerMartin Polden2021-02-101-1/+1
|
* Add CORS filtersValerij Fredriksen2021-01-253-19/+12
|
* Create default connector request chainMorten Tokle2020-11-231-0/+21
|
* LogLevel.DEBUG -> Level.FINEgjoranv2020-04-252-5/+5
|