| Author | Commit | Message | Signed-off-by | Date |
|---|---|---|---|---|
| Pekka Helenius | 5ba4227c1e | Prevent CSRF token leaks in server logs | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | df782ec504 | Add notes about missing input form validations | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | a9102319b8 | Add SameSite cookie and Content Security Policy header | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 84acd3f455 | Author's name can't have numbers | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | dca1f70f43 | More specific Bcrypt configuration | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 01814c1950 | Update SQL schema & DB structure plans | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | d6d29311de | Add missing Maven imports for SQL | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 31cc8b4ace | Be more informative: add available profile options | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 37a03d6ed7 | Update dev configuration: add comments | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 2f7f4864b3 | Prepare application for deployment; add production settings, add database connectivity settings | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 5d2b648ab3 | Add warning statement about custom queries | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | b3526137f8 | Add SQL server security note | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 249bd5b6b4 | Prevent unauthorized users to alter book prices | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | b6cc0ac887 | Book hash IDs: consider potential hash collisions; move logic into BookEventHandler | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 0450a8fcc5 | REST API help reference page: add 'publish' attribute into examples | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | e3017394dd | Re-define Book publish attribute JSON read/write policy | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 5e043c3a69 | Consider too long user inputs for username login field | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | dc4d9a76b3 | Update authorization checks and improve their descriptions | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 534204e76f | Delete unused import | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | a9f35eb743 | Register classes as Spring services, deprecate instance attribute autowiring | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 6dcb1abbc3 | Minor style/readability fixes | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 13fd73a09e | Enable BCryptPasswordEncoder | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 9fb7a98d32 | Replace PasswordEncoderFactories with BCryptPasswordEncoder | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 595cb82fa8 | Add missing HTML body tags | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 8ea4f60133 | Update project version: 0.0.3-alpha | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | a613fcd60a | Temporarily disable TTL for UrlTemplateResolver | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 383ed4a919 | Update properties files | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | ef17081962 | REST API help reference page: add more examples | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | ecba11b7e4 | Fix 'potentially malicious URL' | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 28afed3c9f | Un-hardcode more messages | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 0077ce9315 | Add TODO note: properties not working here? | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 94762c5a54 | Add missing REST API page values/properties | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | c50a6962b6 | Add un-hardcode TODOs | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 81b45f4c19 | Update web forms: use component naming scheme; use multiple lines on some field values | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | e11cfc4808 | Implement BookStorePages class, primarily for Thymeleaf | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | c23ef0cc6d | Update layout, update class description | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | ac02bad770 | Update controller links & authorities | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | e475e37cbf | Update development environment texts | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 12ba93f42d | Web forms: Add dev profile checks | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 7ff23e1a39 | Add dev profile annotations; delete authority USER from Admin test user | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 407d072802 | Add development properties; re-locate some properties | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 0094dc831f | Check if external URL is reachable before inserting fragments from there | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | d568620060 | UrlTemplateResolver: Add TTL configuration | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 90fbbb7eca | Implement BookStoreExternalUrlService for URL checks | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | fa1b75e824 | Move H2 database console link to more appropriate place; add dev note | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 87f4b9606f | Use Spring logical component BookAuth to retrieve book authorities | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | c44b2aaf96 | Add missing authority properties; add header note | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 5cb4e3f347 | Retrieve authorities & categories from Spring Environment | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | dbf1af523c | Un-hardcode WebSecurityConfig authorities; add commenting | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |
| Pekka Helenius | 249ff1f052 | Use logical Spring component BookAuth to retrieve Authorities; un-hardcode rest MARKETING authority names | Pekka Helenius <fincer89@hotmail.com> | 4 years ago |