From 12d228c089929227924b90389d9c2e3e11da967c Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Tue, 18 Aug 2020 11:00:47 -0400 Subject: [PATCH] Add plugin io.spring.nohttp --- build.gradle | 7 ++++++- etc/nohttp/allowlist.lines | 7 +++++++ 2 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 etc/nohttp/allowlist.lines diff --git a/build.gradle b/build.gradle index 0fa9948..566e28c 100644 --- a/build.gradle +++ b/build.gradle @@ -2,7 +2,7 @@ buildscript { dependencies { classpath 'io.spring.gradle:spring-build-conventions:0.0.33.RELEASE' classpath "org.springframework.boot:spring-boot-gradle-plugin:$springBootVersion" - + classpath 'io.spring.nohttp:nohttp-gradle:0.0.5.RELEASE' } repositories { maven { url 'https://repo.spring.io/plugins-snapshot' } @@ -10,6 +10,7 @@ buildscript { } } +apply plugin: 'io.spring.nohttp' apply plugin: 'io.spring.convention.root' group = 'org.springframework.security.experimental' @@ -26,3 +27,7 @@ subprojects { project.sourceCompatibility = '1.8' } } + +nohttp { + allowlistFile = project.file("etc/nohttp/allowlist.lines") +} diff --git a/etc/nohttp/allowlist.lines b/etc/nohttp/allowlist.lines new file mode 100644 index 0000000..a9898c8 --- /dev/null +++ b/etc/nohttp/allowlist.lines @@ -0,0 +1,7 @@ +^http://[^/]*nabble.com.* +^http://blog.opensecurityresearch.com/.* +^http://iharder.sourceforge.net/current/java/base64/ +^http://jaspan.com.* +^http://lists.webappsec.org/.* +^http://webblaze.cs.berkeley.edu/.* +^http://www.w3.org/2000/09/xmldsig.*