Pubman 8.0.11
Jump to navigation
Jump to search
This is a protected page.
This page shall contain every change that is made during a qa release of the version mentioned above. If it's not here, it never happened!
PubMan 8.0.11 Release[edit]
Affected Servers[edit]
Prepare read only system[edit]
Backups[edit]
Java[edit]
Elastic Search[edit]
- geändertes Mapping Index items (-> items_20190522)
"allowedAudienceIds": { "type": "text", "fields": { "keyword":{ "type": "keyword", "normalizer": "sort" } } }
- Reindex aus Datenbank notwendig
Database[edit]
PubMan EAR[edit]
PubMan Properties[edit]
inge.pubman.blog.baseUrl=https://blog.pure.mpg.de/
inge.pubman.blog.news=https://blog.pure.mpg.de/feed/
inge.pubman.handbook.url=https://subversion.mpdl.mpg.de/repos/smc/tags/public/PubMan/Benutzerhandbuch_WebHelp/index.htm
Wildfly[edit]
- standalone.xml
<servlet-container name="default" default-encoding="UTF-8">
<session-cookie http-only="true" secure="true"/>
<jsp-config/>
<websockets/>
</servlet-container>
Apache[edit]
- Add new Headers for Security, XSS-Protection, nosiff, disallow Cross-Domain and Content Security-Policy (allow only needed Content)
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options nosniff
Header set Content-Security-Policy "default-src 'self' qa.pure.mpdl.mpg.de matomo.mpdl.mpg.de feedrapp.herokuapp.com jqueryui.com www.mendeley.com static.mendeley.com www.bibsonomy.org i.creativecommons.org licensebuttons.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' qa.pure.mpdl.mpg.de matomo.mpdl.mpg.de feedrapp.herokuapp.com jqueryui.com; style-src 'self' qa.pure.mpdl.mpg.de matomo.mpdl.mpg.de feedrapp.herokuapp.com jqueryui.com 'unsafe-inline'; object-src 'self';"
Header set X-Permitted-Cross-Domain-Policies "none"
Installation Mod_security[edit]
apt install libapache2-mod-security2 a2enmod security2