mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
2b3003a84f
* MNT-21118: quickshare xss prevention The selected way to prevent from xss attacks is forcing browsers to download files by adding Content-Disposition to the response headers as it is done in V1. Forcing browsers to download files will always be the true for QuickShareContentGet, QuickShareThumbnailContentGet extends QuickShareContentGet, therefore the attach value will be overridden according to the url parameter "a". In the test, the thumbnail must be generated by a logged in user before sharing the link to the document.
Alfresco Remote API
Remote API is a library packaged as a jar file which is part of Alfresco Content Services Repository. The library contains the following:
- REST API framework
- WebScript implementations including V1 REST APIs
- OpenCMIS implementations
Building and testing
The project can be built by running Maven command:
mvn clean install
The tests are combined in test classes split by test type or Spring application context used in the test, see classes in src/test/java/org/alfresco. All of these classes as well as individual tests can be run by specifying the test class name and a set of DB connection properties, for example:
mvn clean test -Dtest=SomeTest -Ddb.driver=org.postgresql.Driver -Ddb.name=alfresco -Ddb.url=jdbc:postgresql:alfresco -Ddb.username=alfresco -Ddb.password=alfresco
Artifacts
The artifacts can be obtained by:
- downloading from Alfresco repository
- getting as Maven dependency by adding the dependency to your pom file:
<dependency>
<groupId>org.alfresco</groupId>
<artifactId>alfresco-remote-api</artifactId>
<version>version</version>
</dependency>
and Alfresco Maven repository:
<repository>
<id>alfresco-maven-repo</id>
<url>https://artifacts.alfresco.com/nexus/content/groups/public</url>
</repository>
The SNAPSHOT version of the artifact is never published.
Contributing guide
Please use this guide to make a contribution to the project.