Oved Ourfali has submitted this change and it was merged.
Change subject: core: Parse Prefer according to RFC 7240
......................................................................
core: Parse Prefer according to RFC 7240
Currently we assume that the "Prefer" header contains only the value
"persistent-auth" and we check it directly. This prevents using the
header for other purposes, like including several preferences in the
same header, as described in RFC 7240. This will be required by later
patches, in particular for the patches implementing CSRF protection in
the RESTAPI. This patch changes the engine so that it parses correctly
the hader, according to the RFC, using the Apache HttpComponents
library. A module for this library is already provided by the
application server.
Change-Id: I917aa9e56a50a0a3f85447003676ffd59752749d
Related:
https://bugzilla.redhat.com/1077441
Signed-off-by: Juan Hernandez <juan.hernandez(a)redhat.com>
(cherry picked from commit 15e3b2cb39752a4914847365fc49c5b9289d4a52)
---
M backend/manager/modules/aaa/pom.xml
M
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java
M backend/manager/modules/aaa/src/main/modules/org/ovirt/engine/core/aaa/main/module.xml
A
backend/manager/modules/aaa/src/test/java/org/ovirt/engine/core/aaa/filters/FiltersHelperTest.java
M pom.xml
5 files changed, 139 insertions(+), 2 deletions(-)
Approvals:
Juan Hernandez: Verified
Oved Ourfali: Looks good to me, approved
--
To view, visit
http://gerrit.ovirt.org/29848
To unsubscribe, visit
http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I917aa9e56a50a0a3f85447003676ffd59752749d
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: ovirt-engine-3.5
Gerrit-Owner: Juan Hernandez <juan.hernandez(a)redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernandez(a)redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourfali(a)redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzaslavs(a)redhat.com>
Gerrit-Reviewer: automation(a)ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server