From 12d228c089929227924b90389d9c2e3e11da967c Mon Sep 17 00:00:00 2001
From: Joe Grandja <jgrandja@vmware.com>
Date: Tue, 18 Aug 2020 11:00:47 -0400
Subject: [PATCH] Add plugin io.spring.nohttp

---
 build.gradle               | 7 ++++++-
 etc/nohttp/allowlist.lines | 7 +++++++
 2 files changed, 13 insertions(+), 1 deletion(-)
 create mode 100644 etc/nohttp/allowlist.lines

diff --git a/build.gradle b/build.gradle
index 0fa9948..566e28c 100644
--- a/build.gradle
+++ b/build.gradle
@@ -2,7 +2,7 @@ buildscript {
 	dependencies {
 		classpath 'io.spring.gradle:spring-build-conventions:0.0.33.RELEASE'
 		classpath "org.springframework.boot:spring-boot-gradle-plugin:$springBootVersion"
-
+		classpath 'io.spring.nohttp:nohttp-gradle:0.0.5.RELEASE'
 	}
 	repositories {
 		maven { url 'https://repo.spring.io/plugins-snapshot' }
@@ -10,6 +10,7 @@ buildscript {
 	}
 }
 
+apply plugin: 'io.spring.nohttp'
 apply plugin: 'io.spring.convention.root'
 
 group = 'org.springframework.security.experimental'
@@ -26,3 +27,7 @@ subprojects {
 		project.sourceCompatibility = '1.8'
 	}
 }
+
+nohttp {
+	allowlistFile = project.file("etc/nohttp/allowlist.lines")
+}
diff --git a/etc/nohttp/allowlist.lines b/etc/nohttp/allowlist.lines
new file mode 100644
index 0000000..a9898c8
--- /dev/null
+++ b/etc/nohttp/allowlist.lines
@@ -0,0 +1,7 @@
+^http://[^/]*nabble.com.*
+^http://blog.opensecurityresearch.com/.*
+^http://iharder.sourceforge.net/current/java/base64/
+^http://jaspan.com.*
+^http://lists.webappsec.org/.*
+^http://webblaze.cs.berkeley.edu/.*
+^http://www.w3.org/2000/09/xmldsig.*