i2p.i2p/apps/jetty at 2bf04648c3fdbb4dca5fdfd9c71d3accfb3aca58 - i2p.i2p - Gitea: Git with a cup of tea

dandri/i2p.i2p

mirror of https://github.com/i2p/i2p.i2p.git synced 2026-05-14 18:25:14 +00:00

Files

T

History

zzz 8f2a8b3e3a Console: Validate Origin header

related changes to follow
adapted from code in I2P+, same license as ours

reported by: bottomlineit.co.za

2026-05-06 12:48:46 -04:00

..

.externalToolBuilders

Updated Eclipse settings

2014-07-26 02:48:49 +00:00

apache-tomcat-9.0.107

Tomcat 9.0.107

2025-07-27 14:52:40 -04:00

java/src/net/i2p

Console: Validate Origin header

2026-05-06 12:48:46 -04:00

jetty-home-12.0.28

Update to Jetty 12.0.28, add jars

2025-10-15 12:17:37 -04:00

jetty-home-12.0.32/lib

Debian: Require libjetty12-java 12.0.32-2

2026-03-13 08:35:40 -04:00

disable any chance of JNDI lookups in log4j.properties file by setting %m{nolookups}. I don't think we're actually vulnerable to CVE-2021-44228 if I'm understanding correctly, by default it doesn't seem like we actually use log4j for much of anything and we don't do much logging of arbitrarily crafted remote inputs, but also it seems like this JNDI lookups thing is way more trouble than it could possibly be worth to us. Maybe it's a good idea to make sure it's turned off by default.

2021-12-10 21:01:37 -05:00

build.gradle

Build: Gradle fixes for Jetty 12

2026-03-19 19:27:22 -04:00

build.xml

Debian: Require libjetty12-java 12.0.32-2

2026-03-13 08:35:40 -04:00

README-i2p.txt

jetty 7 first cut

2012-11-21 18:05:50 +00:00