MALIO-DEV/PlantUmlServer
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix security #122

Browse Source
This commit is contained in:
Arnaud Roques
2019-09-26 19:08:48 +02:00
parent aa9172f715
commit 83138142c5
4 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/main/java/net/sourceforge/plantuml/servlet/UmlDiagramService.java
View File

@@ -42,6 +42,13 @@ import java.util.regex.Pattern;
@SuppressWarnings("serial")
public abstract class UmlDiagramService extends HttpServlet {
static {
OptionFlags.ALLOW_INCLUDE = false;
if ("true".equalsIgnoreCase(System.getenv("ALLOW_PLANTUML_INCLUDE"))) {
OptionFlags.ALLOW_INCLUDE = true;
}
}
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {