You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This idea appears to come from the Tomcat plugin, which is fine for development but I fail to see any benefit outside of a development environment. Even if there is a valid use case, such feature should be clearly documented and opt-in in a potential "production" package, here it's not even opt-out and I don't see any mention of it anywhere.
Sorry if I sound a bit bitter, don't be mistaken I am very grateful for your work and amazing open source contributions but finding such a big longstanding security hole that could have been easily avoided (e.g. by simply not adding this feature) is quite frustrating.
The text was updated successfully, but these errors were encountered:
I had the very bad surprise to find an undocumented Tomcat kill switch port:
grails-standalone/src/runtime/grails/plugin/standalone/Launcher.java
Line 151 in 9e2e902
This idea appears to come from the Tomcat plugin, which is fine for development but I fail to see any benefit outside of a development environment. Even if there is a valid use case, such feature should be clearly documented and opt-in in a potential "production" package, here it's not even opt-out and I don't see any mention of it anywhere.
Sorry if I sound a bit bitter, don't be mistaken I am very grateful for your work and amazing open source contributions but finding such a big longstanding security hole that could have been easily avoided (e.g. by simply not adding this feature) is quite frustrating.
The text was updated successfully, but these errors were encountered: