Update to Apache sling simple webdav servlet, will there be any security issue? | Community
Skip to main content
R
ramgopalm545617
Level 4
May 28, 2020
Solved

Update to Apache sling simple webdav servlet, will there be any security issue?

  • May 28, 2020
  • 1 reply
  • 4614 views

the default configuration for the dav.root is /dav, so for a requirement we have recently changes it to /crx/repository, will there be any security issues because of this change in Apache sling simple webdav servlet?

 

dav.create-absolute-uri=B"true"
type.content="nt:resource"
type.noncollections="nt:file"
filter.prefixes=["rep","jcr"]
dav.realm="Sling\ WebDAV"
dav.root="/crx/repository"
filter.types=""
filter.uris=""
type.collections="sling:Folder"
collection.types=["nt:file","nt:resource"]

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by joerghoh

Besides the "usual" recommendation to shut it down in production, I don't see any immediate problem with it. The question remains why you have to change it at all 🙂

1 reply

joerghoh
Adobe Employee
joerghohAdobe EmployeeAccepted solution
Adobe Employee
May 28, 2020

Besides the "usual" recommendation to shut it down in production, I don't see any immediate problem with it. The question remains why you have to change it at all 🙂

    R
    ramgopalm545617Author
    Level 4
    May 28, 2020
    We wanted to apply HTTP OPTIONS method to be blocked in AEM, so we are using Apache sling referrer filter to add OPTIONS method, so we had to update the dav root inorder for that configuration to work.
    Terms & ConditionsAccessibility statement

    Loading footer...