-
Task
-
Resolution: Unresolved
-
Major
-
None
-
None
-
None
-
-
Empty show more show less
-
Empty show more show less
-
Yes
Up until Magnolia 5.3, /.resources was used only for admincentral resources. Presumably, that's why CrossSiteSecurityFilter is configured by default with a bypass for this path.
Starting with 5.4 and resources module 2.4, /.resources will be used to serve resources (through ResourcesServlet and new ResourcePath API). Maybe we need to change the default bypass to make this more visible to users upgrading ? And/or simply document this ?
Acceptance criteria
- caused by
-
MGNLRES-144 Implement new origin-based ResourcesServlet
- Closed
-
MAGNOLIA-6128 Introduce uniform resource loading API
- Closed