From 4d65bb704c7b5b41e7bbad4c0fa345352977512f Mon Sep 17 00:00:00 2001 From: sinthuja Date: Mon, 9 Oct 2017 08:49:15 +0530 Subject: [PATCH] Adding jaggery.conf to store. --- .../main/resources/store/public/jaggery.conf | 84 +++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100755 components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/src/main/resources/store/public/jaggery.conf diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/src/main/resources/store/public/jaggery.conf b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/src/main/resources/store/public/jaggery.conf new file mode 100755 index 0000000000..5ff8eb120e --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/src/main/resources/store/public/jaggery.conf @@ -0,0 +1,84 @@ +{ + "welcomeFiles": [ + "index.html" + ], + "urlMappings": [ + { + "url": "/login", + "path": "/index.html" + }, + { + "url": "/assets/apps", + "path": "/index.html" + } + ], + "listeners": [ + { + "class": "org.owasp.csrfguard.CsrfGuardServletContextListener" + }, + { + "class": "org.owasp.csrfguard.CsrfGuardHttpSessionListener" + } + ], + "servlets": [ + { + "name": "JavaScriptServlet", + "class": "org.owasp.csrfguard.servlet.JavaScriptServlet" + } + ], + "servletMappings": [ + { + "name": "JavaScriptServlet", + "url": "/csrf.js" + } + ], + "contextParams": [ + { + "name": "Owasp.CsrfGuard.Config", + "value": "repository/conf/security/Owasp.CsrfGuard.dashboard.properties" + } + ], + "filters": [ + { + "name": "ContentTypeBasedCachePreventionFilter", + "class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter", + "params" : [ + {"name" : "patterns", "value" : "text/html\" ,application/json\" ,text/plain"}, + {"name" : "filterAction", "value" : "enforce"}, + {"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"} + ] + }, + { + "name": "HttpHeaderSecurityFilter", + "class": "org.apache.catalina.filters.HttpHeaderSecurityFilter", + "params": [ + { + "name": "hstsEnabled", + "value": "false" + }, + { + "name": "antiClickJackingOption", + "value": "SAMEORIGIN" + } + ] + }, + { + "name" : "CSRFGuard", + "class" : "org.owasp.csrfguard.CsrfGuardFilter" + } + ], + "filterMappings": [ + { + "name": "HttpHeaderSecurityFilter", + "url": "*" + }, + { + "name" : "CSRFGuard", + "url" : "/*" + }, + { + "name":"ContentTypeBasedCachePreventionFilter", + "url":"*" + } + ] +}