Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-29220

Improve Explorer secure XML content logics

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: explorer-20.0.0
    • Component/s: Explorer
    • Epic Link:
    • Impact type:
      Configuration Change
    • Upgrade notes:
      Hide

      Secure keywords can now be controlled via configuration keys, use the following sample for override:

      <component name="org.nuxeo.apidoc.snapshot.SnapshotManagerComponent.secure.xml.override">
  <require>org.nuxeo.apidoc.snapshot.SnapshotManagerComponent</require>
  <extension target="org.nuxeo.runtime.ConfigurationService" point="configuration">
    <property name="org.nuxeo.apidoc.secure.xml.keywords">
      password, Password, secret, apiKey
    </property>
    <property name="org.nuxeo.apidoc.secure.xml.keywords.whitelisted">
      passwordField, passwordHashAlgorithm
    </property>
  </extension>
</component>

      DocumentationHelper#secureXML has been replaced by SecureXMLHelper#secure

      Show
      Secure keywords can now be controlled via configuration keys, use the following sample for override: <component name="org.nuxeo.apidoc.snapshot.SnapshotManagerComponent.secure.xml.override"> <require>org.nuxeo.apidoc.snapshot.SnapshotManagerComponent</require> <extension target="org.nuxeo.runtime.ConfigurationService" point="configuration"> <property name="org.nuxeo.apidoc.secure.xml.keywords"> password, Password, secret, apiKey </property> <property name="org.nuxeo.apidoc.secure.xml.keywords.whitelisted"> passwordField, passwordHashAlgorithm </property> </extension> </component> DocumentationHelper#secureXML has been replaced by SecureXMLHelper#secure
    • Team:
      AT
    • Sprint:
      nxAT 11.1.19, nxAT 11.1.20
    • Story Points:
      5

      Description

      Check sensitive information is never exposed by Explorer API when snapshotting a live distribution.

        Attachments

          Issue Links

          is related to

          New Feature - A new feature of the product, which has yet to be developed. NXP-28948 Handle components in error in Explorer export

          • Major - Major loss of function.
          • Resolved

          New Feature - A new feature of the product, which has yet to be developed. NXP-28838 Provide pluggable export of the runtime exploration

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          Is referenced in

          [Captain Hook] PR for feature-NXP-29050-explorer-hide-current-distrib: #4168 PR for feature-NXP-29050-explorer-hide-current-distrib: #4168

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 days, 4 hours
                  2d 4h