OFBiz › OFBiz - Commits

svn commit: r1719874 [1/2] - in /ofbiz/branches/release14.12: ./ applications/accounting/webapp/accounting/WEB-INF/ applications/accounting/webapp/ap/WEB-INF/ applications/accounting/webapp/ar/WEB-INF/ applications/commonext/webapp/WEB-INF/ application...

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

1 message

jleroux@apache.org

svn commit: r1719874 [1/2] - in /ofbiz/branches/release14.12: ./ applications/accounting/webapp/accounting/WEB-INF/ applications/accounting/webapp/ap/WEB-INF/ applications/accounting/webapp/ar/WEB-INF/ applications/commonext/webapp/WEB-INF/ application...

Author: jleroux
Date: Mon Dec 14 10:09:19 2015
New Revision: 1719874

URL: http://svn.apache.org/viewvc?rev=1719874&view=rev
Log:
"Applied fix from trunk for revision: 1719872"
but Index: applications/content/webapp/contentimages/WEB-INF/web.xml
Anyway it's only a placeholder, I'm not even sure we need it there
------------------------------------------------------------------------
r1719872 | jleroux | 2015-12-14 11:02:24 +0100 (lun. 14 déc. 2015) | 30 lignes

2 modified patches from Rahul Bhammarker for "Add session tracking mode and make cookie secure" https://issues.apache.org/jira/browse/OFBIZ-6655

Need to enhance security at web-app level.
As per current implementation:
- The cookie containing the session identifier is not secure
- The session identifier is transmitted in the query string of the URL

To fix these issue we have to add following session config otpions in web.xml
{code}
<session-config>
<cookie-config>
<http-only>true</http-only>
<secure>true</secure>
</cookie-config>
<tracking-mode>COOKIE</tracking-mode>
</session-config>
{code}

Also we need to update the web-app servlet specification from 2.3 to 3.0
{code}
<web-app version="3.0"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
{code}
https://tomcat.apache.org/whichversion.html

jleroux: these are only the framework+themes+applications patches, with 3 entries not applied

------------------------------------------------------------------------

Modified:
ofbiz/branches/release14.12/ (props changed)
ofbiz/branches/release14.12/applications/accounting/webapp/accounting/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/accounting/webapp/ap/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/accounting/webapp/ar/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/commonext/webapp/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/commonext/webapp/ordermgr-js/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/content/webapp/content/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/humanres/webapp/humanres/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/marketing/webapp/marketing/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/marketing/webapp/sfa/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/order/webapp/ordermgr/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/party/webapp/partymgr/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/product/webapp/catalog/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/product/webapp/facility/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/workeffort/webapp/ical/WEB-INF/web.xml
ofbiz/branches/release14.12/applications/workeffort/webapp/workeffort/WEB-INF/web.xml
ofbiz/branches/release14.12/framework/images/webapp/images/WEB-INF/web.xml
ofbiz/branches/release14.12/framework/resources/templates/web.xml
ofbiz/branches/release14.12/framework/webtools/webapp/webtools/WEB-INF/web.xml
ofbiz/branches/release14.12/themes/bizznesstime/webapp/bizznesstime/WEB-INF/web.xml
ofbiz/branches/release14.12/themes/bluelight/webapp/bluelight/WEB-INF/web.xml
ofbiz/branches/release14.12/themes/droppingcrumbs/webapp/droppingcrumbs/WEB-INF/web.xml
ofbiz/branches/release14.12/themes/flatgrey/webapp/flatgrey/WEB-INF/web.xml
ofbiz/branches/release14.12/themes/multiflex/webapp/multiflex/WEB-INF/web.xml
ofbiz/branches/release14.12/themes/tomahawk/webapp/tomahawk/WEB-INF/web.xml

Propchange: ofbiz/branches/release14.12/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Dec 14 10:09:19 2015
@@ -8,4 +8,4 @@
/ofbiz/branches/json-integration-refactoring:1634077-1635900
/ofbiz/branches/multitenant20100310:921280-927264
/ofbiz/branches/release13.07:1547657
-/ofbiz/trunk:1649072,1649083-1649084,1649086,1649090,1649096,1649230,1649238-1649239,1649248,1649272,1649275,1649280-1649281,1649283,1649285-1649286,1649291,1649329,1649331,1649384,1649393,1649666,1649742,1650240,1650348,1650357,1650583,1650642,1650678,1650821,1650882,1650887,1650938,1651593,1652312,1652361,1652638,1652641,1652672,1652688,1652706,1652725,1652731,1652739,1652852,1653248,1653296,1653456,1653597,1653614,1654175,1654273,1654509,1654670,1654672-1654673,1654683-1654684,1654824,1655046,1655668,1655979,1656014,1656185,1656198,1656445,1656983,1657323,1657506-1657507,1657514,1657714,1657790,1657848,1658364,1658662,1658882,1659224,1659965,1660031,1660053,1660389,1660444,1660579,1661303,1661328,1661760,1661778,1661853,1661862,1661873,1661940,1661951,1661977,1662119-1662120,1662361,1662500,1662812,1662919,1663202,1663912,1663979,1664602,1664604,1664696,1665154,1665162,1665535,1666404,1666511,1666633,1666836,1666939,1666949,1666958,1667055,1667253,1667483,1667492,1667774,1668207,
1668214,1668236,1668246,1668258,1668263,1668265,1668270,1668277,1668314,1668657,1669317,1669588,1672427,1672430,1672846,1672853,1672856,1672862,1672873,1673764,1674447,1674464,1674491,1674496,1674908,1676674,1677123,1677597,1677769-1677770,1678294,1678882,1678911,1679689,1679697,1679709,1679720,1679728,1679732,1679957,1680155,1680288,1680304,1680671,1680675,1680733,1680840,1680881,1682272,1682295,1682415,1682633,1683998,1684094,1686360,1686536,1686545,1686566,1686569,1686574,1686583,1686635,1686651,1686970,1687427,1688772,1690086,1690581,1692357,1692458,1692600,1692604,1693393,1693579,1695017,1696018,1696234,1697590,1697647,1697993,1698259,1698261,1698263,1701164,1701441,1701819,1701825,1701936,1702002,1702548,1702704,1703121,1703586,1703945,1703954,1703965,1703971,1703976-1703977,1703981,1704000,1704014,1704018,1704036,1704043,1704052,1704082,1704140,1704230,1705004,1705329,1705405,1705412,1705417,1705427,1705532,1706159,1706162,1706316,1706531,1706549,1706553,1706561,1706569,17065
77,1706589,1706591,1706593,1706694,1707837,1707857,1708274,1708341,1708742,1708930,1709117,1710178,1710348,1711513,1712971,1714244,1714410,1714415,1714571,1714657,1715477-1715478,1715485,1715501,1716319,1717058,1717180,1717682,1717710,1717760,1718023,1718109,1719094
+/ofbiz/trunk:1649072,1649083-1649084,1649086,1649090,1649096,1649230,1649238-1649239,1649248,1649272,1649275,1649280-1649281,1649283,1649285-1649286,1649291,1649329,1649331,1649384,1649393,1649666,1649742,1650240,1650348,1650357,1650583,1650642,1650678,1650821,1650882,1650887,1650938,1651593,1652312,1652361,1652638,1652641,1652672,1652688,1652706,1652725,1652731,1652739,1652852,1653248,1653296,1653456,1653597,1653614,1654175,1654273,1654509,1654670,1654672-1654673,1654683-1654684,1654824,1655046,1655668,1655979,1656014,1656185,1656198,1656445,1656983,1657323,1657506-1657507,1657514,1657714,1657790,1657848,1658364,1658662,1658882,1659224,1659965,1660031,1660053,1660389,1660444,1660579,1661303,1661328,1661760,1661778,1661853,1661862,1661873,1661940,1661951,1661977,1662119-1662120,1662361,1662500,1662812,1662919,1663202,1663912,1663979,1664602,1664604,1664696,1665154,1665162,1665535,1666404,1666511,1666633,1666836,1666939,1666949,1666958,1667055,1667253,1667483,1667492,1667774,1668207,
1668214,1668236,1668246,1668258,1668263,1668265,1668270,1668277,1668314,1668657,1669317,1669588,1672427,1672430,1672846,1672853,1672856,1672862,1672873,1673764,1674447,1674464,1674491,1674496,1674908,1676674,1677123,1677597,1677769-1677770,1678294,1678882,1678911,1679689,1679697,1679709,1679720,1679728,1679732,1679957,1680155,1680288,1680304,1680671,1680675,1680733,1680840,1680881,1682272,1682295,1682415,1682633,1683998,1684094,1686360,1686536,1686545,1686566,1686569,1686574,1686583,1686635,1686651,1686970,1687427,1688772,1690086,1690581,1692357,1692458,1692600,1692604,1693393,1693579,1695017,1696018,1696234,1697590,1697647,1697993,1698259,1698261,1698263,1701164,1701441,1701819,1701825,1701936,1702002,1702548,1702704,1703121,1703586,1703945,1703954,1703965,1703971,1703976-1703977,1703981,1704000,1704014,1704018,1704036,1704043,1704052,1704082,1704140,1704230,1705004,1705329,1705405,1705412,1705417,1705427,1705532,1706159,1706162,1706316,1706531,1706549,1706553,1706561,1706569,17065
77,1706589,1706591,1706593,1706694,1707837,1707857,1708274,1708341,1708742,1708930,1709117,1710178,1710348,1711513,1712971,1714244,1714410,1714415,1714571,1714657,1715477-1715478,1715485,1715501,1716319,1717058,1717180,1717682,1717710,1717760,1718023,1718109,1719094,1719872

Modified: ofbiz/branches/release14.12/applications/accounting/webapp/accounting/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/accounting/webapp/accounting/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/accounting/webapp/accounting/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/accounting/webapp/accounting/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Accounting Manager</display-name>
<description>Accounting Manager Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>accounting</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://accounting/widget/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>
<context-param>
+ <description>The location of the CommonPartyDecorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>partyDecoratorLocation</param-name>
<param-value>component://accounting/widget/CommonScreens.xml</param-value>
- <description>The location of the CommonPartyDecorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -77,9 +80,9 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -90,6 +93,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/accounting/webapp/ap/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/accounting/webapp/ap/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/accounting/webapp/ap/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/accounting/webapp/ap/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">

-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Account Payable</display-name>
<description>Accounting Payable Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>ap</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://accounting/widget/ap/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>
<context-param>
+ <description>The location of the CommonPartyDecorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>partyDecoratorLocation</param-name>
<param-value>component://accounting/widget/CommonScreens.xml</param-value>
- <description>The location of the CommonPartyDecorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -71,9 +74,9 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -83,6 +86,11 @@ under the License.
</servlet-mapping>
<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>

Modified: ofbiz/branches/release14.12/applications/accounting/webapp/ar/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/accounting/webapp/ar/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/accounting/webapp/ar/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/accounting/webapp/ar/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Account Receivable</display-name>
<description>Accounting Receivable Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>ar</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://accounting/widget/ar/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>
<context-param>
+ <description>The location of the CommonPartyDecorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>partyDecoratorLocation</param-name>
<param-value>component://accounting/widget/CommonScreens.xml</param-value>
- <description>The location of the CommonPartyDecorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -77,9 +80,9 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -90,6 +93,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/commonext/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/commonext/webapp/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/commonext/webapp/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/commonext/webapp/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Common application extension</display-name>
<description>Common application extension Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>commonext</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://commonext/widget/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>
<context-param>
+ <description>BeanShell Script Location</description>
<param-name>scriptLocationPath</param-name>
<param-value>/WEB-INF/bsh</param-value>
- <description>BeanShell Script Location</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
- <display-name>ContextFilter</display-name>
- <filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
+ <display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
+ <filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
<param-value>N</param-value>
@@ -77,9 +80,9 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -90,6 +93,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

</web-app>

Modified: ofbiz/branches/release14.12/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Setup Manager</display-name>
<description>Setup Manager Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>setup</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://commonext/widget/ofbizsetup/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>
<context-param>
+ <description>BeanShell Script Location</description>
<param-name>scriptLocationPath</param-name>
<param-value>/WEB-INF/bsh</param-value>
- <description>BeanShell Script Location</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -77,9 +80,9 @@


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -90,6 +93,11 @@

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/commonext/webapp/ordermgr-js/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/commonext/webapp/ordermgr-js/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/commonext/webapp/ordermgr-js/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/commonext/webapp/ordermgr-js/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -16,11 +16,20 @@
limitations under the License.
-->

-<!DOCTYPE web-app
- PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
- "http://java.sun.com/dtd/web-app_2_3.dtd">
-
-<web-app>
+
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Empty placeholder</display-name>
<description>Empty placeholder, see http://svn.apache.org/viewvc?view=revision&revision=1612202 </description>
+ <session-config>
+ <session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
+ </session-config>
</web-app>

Modified: ofbiz/branches/release14.12/applications/content/webapp/content/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/content/webapp/content/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/content/webapp/content/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/content/webapp/content/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Content Manager</display-name>
<description>Content Manager Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>content</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://content/widget/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>
<context-param>
+ <description>The location of the cms decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>cmsDecoratorLocation</param-name>
<param-value>component://content/widget/CommonScreens.xml</param-value>
- <description>The location of the cms decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -77,9 +80,9 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -90,6 +93,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/humanres/webapp/humanres/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/humanres/webapp/humanres/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/humanres/webapp/humanres/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/humanres/webapp/humanres/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - HumanRes Manager</display-name>
<description>HumanRes Manager Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>Humanres</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://humanres/widget/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -72,9 +75,9 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -85,6 +88,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Manufacturing Manager</display-name>
<description>Manufacturing Manager Module by TAU Informatica srl</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>manufacturing</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
- <param-name>mainDecoratorLocation</param-name>
- <param-value>component://manufacturing/widget/manufacturing/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
+ <param-name>mainDecoratorLocation</param-name>
+ <param-value>component://manufacturing/widget/manufacturing/CommonScreens.xml</param-value>
</context-param>
<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -71,8 +74,8 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
<display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<description>Main Control Servlet</description>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
@@ -84,6 +87,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/marketing/webapp/marketing/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/marketing/webapp/marketing/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/marketing/webapp/marketing/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/marketing/webapp/marketing/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Marketing Manager</display-name>
<description>Marketing Manager Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>marketing</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>BeanShell Script Location</description>
<param-name>scriptLocationPath</param-name>
<param-value>/WEB-INF/bsh</param-value>
- <description>BeanShell Script Location</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://marketing/widget/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -77,9 +80,9 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -90,6 +93,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/marketing/webapp/sfa/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/marketing/webapp/sfa/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/marketing/webapp/sfa/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/marketing/webapp/sfa/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - SFA Manager</display-name>
<description>SFA Manager Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>sfa</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://marketing/widget/sfa/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -72,9 +75,9 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -85,6 +88,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/order/webapp/ordermgr/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/order/webapp/ordermgr/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/order/webapp/ordermgr/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/order/webapp/ordermgr/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Order Manager</display-name>
<description>Order Manager Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>order</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://order/widget/ordermgr/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -73,16 +76,16 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
- <servlet-name>CatalogUrlServlet</servlet-name>
- <display-name>CatalogUrlServlet</display-name>
<description>Catalog (Category/Product) URL Servlet</description>
+ <display-name>CatalogUrlServlet</display-name>
+ <servlet-name>CatalogUrlServlet</servlet-name>
<servlet-class>org.ofbiz.product.category.CatalogUrlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -98,6 +101,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/party/webapp/partymgr/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/party/webapp/partymgr/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/party/webapp/partymgr/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/party/webapp/partymgr/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
- <display-name>Apache OFBiz - Party Manager</display-name>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<description>Party Manager Module of the Apache OFBiz Project</description>
+ <display-name>Apache OFBiz - Party Manager</display-name>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>partymgr</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://party/widget/partymgr/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
- <display-name>ContextFilter</display-name>
- <filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
+ <display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
+ <filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
<param-value>N</param-value>
@@ -70,11 +73,11 @@ under the License.
<listener><listener-class>org.ofbiz.webapp.control.LoginEventListener</listener-class></listener>


+ <description>Main Control Servlet</description>

<servlet>
- <servlet-name>ControlServlet</servlet-name>
<display-name>ControlServlet</display-name>
- <description>Main Control Servlet</description>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -85,6 +88,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/product/webapp/catalog/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/product/webapp/catalog/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/product/webapp/catalog/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/product/webapp/catalog/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Catalog</display-name>
<description>Catalog Module of the Apache OFBiz Project</description>

<context-param>
- <param-name>entityDelegatorName</param-name>
- <param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
+ <param-name>entityDelegatorName</param-name>
+ <param-value>default</param-value>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>catalog</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://product/widget/catalog/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -72,17 +75,17 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet>
- <servlet-name>ImageUrlServlet</servlet-name>
- <display-name>ImageUrlServlet</display-name>
<description>Image URL Servlet</description>
+ <display-name>ImageUrlServlet</display-name>
+ <servlet-name>ImageUrlServlet</servlet-name>
<servlet-class>org.ofbiz.product.imagemanagement.ImageUrlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -99,6 +102,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/product/webapp/facility/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/product/webapp/facility/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/product/webapp/facility/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/product/webapp/facility/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - Facility Manager</display-name>
<description>Facility Manager Module of the Apache OFBiz Project</description>

<context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
<param-name>entityDelegatorName</param-name>
<param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
</context-param>
<context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
<param-name>localDispatcherName</param-name>
<param-value>facility</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
</context-param>
<context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>mainDecoratorLocation</param-name>
<param-value>component://product/widget/facility/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>
<context-param>
+ <description>The location of the CommonFacilityDecorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
<param-name>commonFacilityDecoratorLocation</param-name>
<param-value>component://product/widget/facility/CommonScreens.xml</param-value>
- <description>The location of the CommonFacilityDecorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
</context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -77,16 +80,16 @@ under the License.


<servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
<description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
<servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
- <servlet-name>ShippingAPI</servlet-name>
- <display-name>ShippingAPI</display-name>
<description>Mock USPS Webtools API Servlet</description>
+ <display-name>ShippingAPI</display-name>
+ <servlet-name>ShippingAPI</servlet-name>
<servlet-class>org.ofbiz.shipment.thirdparty.usps.UspsMockApiServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
@@ -101,6 +104,11 @@ under the License.

<session-config>
<session-timeout>60</session-timeout> 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>

Modified: ofbiz/branches/release14.12/applications/workeffort/webapp/ical/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/workeffort/webapp/ical/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/workeffort/webapp/ical/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/workeffort/webapp/ical/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
- <display-name>Apache OFBiz - iCalendar Server</display-name>
- <description>iCalendar Server Module of the Apache OFBiz Project</description>
-
- <context-param>
- <param-name>entityDelegatorName</param-name>
- <param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
- </context-param>
- <context-param>
- <param-name>localDispatcherName</param-name>
- <param-value>ical</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
- </context-param>
- <context-param>
- <param-name>requestHandlerFactoryClass</param-name>
- <param-value>org.ofbiz.workeffort.workeffort.ICalHandlerFactory</param-value>
- </context-param>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
+ <display-name>Apache OFBiz - iCalendar Server</display-name>
+ <description>iCalendar Server Module of the Apache OFBiz Project</description>
+
+ <context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
+ <param-name>entityDelegatorName</param-name>
+ <param-value>default</param-value>
+ </context-param>
+ <context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
+ <param-name>localDispatcherName</param-name>
+ <param-value>ical</param-value>
+ </context-param>
+ <context-param>
+ <param-name>requestHandlerFactoryClass</param-name>
+ <param-value>org.ofbiz.workeffort.workeffort.ICalHandlerFactory</param-value>
+ </context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -49,7 +52,9 @@ under the License.
</init-param>
<init-param>
<param-name>allowedPaths</param-name>
- <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/includes/maincss.css</param-value>
+ <param-value>
+ /error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/includes/maincss.css
+ </param-value>
</init-param>
<init-param>
<param-name>errorCode</param-name>
@@ -62,30 +67,40 @@ under the License.
</filter>
<filter-mapping>
<filter-name>ContextFilter</filter-name>
- <url-pattern>/*</url-pattern>
+ <url-pattern>/*</url-pattern>
</filter-mapping>
- <listener><listener-class>org.ofbiz.webapp.control.ControlEventListener</listener-class></listener>
- <listener><listener-class>org.ofbiz.webapp.control.LoginEventListener</listener-class></listener>
- 
- 
-
- <servlet>
- <servlet-name>iCalendarServlet</servlet-name>
- <display-name>iCalendarServlet</display-name>
- <description>iCalendar WebDAV Servlet</description>
- <servlet-class>org.ofbiz.webapp.webdav.WebDavServlet</servlet-class>
- <load-on-startup>1</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>iCalendarServlet</servlet-name>
- <url-pattern>/*</url-pattern>
- </servlet-mapping>
-
- <session-config>
- <session-timeout>60</session-timeout> 
- </session-config>
-
- <welcome-file-list>
- <welcome-file>index.jsp</welcome-file>
- </welcome-file-list>
+ <listener>
+ <listener-class>org.ofbiz.webapp.control.ControlEventListener</listener-class>
+ </listener>
+ <listener>
+ <listener-class>org.ofbiz.webapp.control.LoginEventListener</listener-class>
+ </listener>
+ 
+ 
+
+ <servlet>
+ <description>iCalendar WebDAV Servlet</description>
+ <display-name>iCalendarServlet</display-name>
+ <servlet-name>iCalendarServlet</servlet-name>
+ <servlet-class>org.ofbiz.webapp.webdav.WebDavServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>iCalendarServlet</servlet-name>
+ <url-pattern>/*</url-pattern>
+ </servlet-mapping>
+
+ <session-config>
+ <session-timeout>60</session-timeout>
+ 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
+ </session-config>
+
+ <welcome-file-list>
+ <welcome-file>index.jsp</welcome-file>
+ </welcome-file-list>
</web-app>

Modified: ofbiz/branches/release14.12/applications/workeffort/webapp/workeffort/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/applications/workeffort/webapp/workeffort/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/applications/workeffort/webapp/workeffort/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/applications/workeffort/webapp/workeffort/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">



-<web-app>
- <display-name>Apache OFBiz - Work Manager</display-name>
- <description>Work Manager Module of the Apache OFBiz Project</description>
-
- <context-param>
- <param-name>entityDelegatorName</param-name>
- <param-value>default</param-value>
- <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
- </context-param>
- <context-param>
- <param-name>localDispatcherName</param-name>
- <param-value>workeffort</param-value>
- <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
- </context-param>
- <context-param>
- <param-name>scriptLocationPath</param-name>
- <param-value>/WEB-INF/bsh</param-value>
- <description>BeanShell Script Location</description>
- </context-param>
- <context-param>
- <param-name>mainDecoratorLocation</param-name>
- <param-value>component://workeffort/widget/CommonScreens.xml</param-value>
- <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description>
- </context-param>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
+ <display-name>Apache OFBiz - Work Manager</display-name>
+ <description>Work Manager Module of the Apache OFBiz Project</description>
+
+ <context-param>
+ <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description>
+ <param-name>entityDelegatorName</param-name>
+ <param-value>default</param-value>
+ </context-param>
+ <context-param>
+ <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description>
+ <param-name>localDispatcherName</param-name>
+ <param-value>workeffort</param-value>
+ </context-param>
+ <context-param>
+ <description>BeanShell Script Location</description>
+ <param-name>scriptLocationPath</param-name>
+ <param-value>/WEB-INF/bsh</param-value>
+ </context-param>
+ <context-param>
+ <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable
+ in screen def XML files.
+ </description>
+ <param-name>mainDecoratorLocation</param-name>
+ <param-value>component://workeffort/widget/CommonScreens.xml</param-value>
+ </context-param>

<filter>
- <filter-name>ContextFilter</filter-name>
<display-name>ContextFilter</display-name>
+ <filter-name>ContextFilter</filter-name>
<filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
@@ -55,7 +60,9 @@ under the License.
</init-param>
<init-param>
<param-name>allowedPaths</param-name>
- <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/includes/maincss.css</param-value>
+ <param-value>
+ /error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/includes/maincss.css
+ </param-value>
</init-param>
<init-param>
<param-name>errorCode</param-name>
@@ -68,90 +75,100 @@ under the License.
</filter>
<filter-mapping>
<filter-name>ContextFilter</filter-name>
- <url-pattern>/*</url-pattern>
+ <url-pattern>/*</url-pattern>
</filter-mapping>

- <listener><listener-class>org.ofbiz.webapp.control.ControlEventListener</listener-class></listener>
- <listener><listener-class>org.ofbiz.webapp.control.LoginEventListener</listener-class></listener>
- 
- 
-
- <servlet>
- <servlet-name>ControlServlet</servlet-name>
- <display-name>ControlServlet</display-name>
- <description>Main Control Servlet</description>
- <servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
- <load-on-startup>1</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>ControlServlet</servlet-name>
- <url-pattern>/control/*</url-pattern>
- </servlet-mapping>
-
- <session-config>
- <session-timeout>60</session-timeout> 
- </session-config>
-
- <welcome-file-list>
- <welcome-file>index.jsp</welcome-file>
- </welcome-file-list>
-
-
-
-
-
+ <listener>
+ <listener-class>org.ofbiz.webapp.control.ControlEventListener</listener-class>
+ </listener>
+ <listener>
+ <listener-class>org.ofbiz.webapp.control.LoginEventListener</listener-class>
+ </listener>
+ 
+ 
+
+ <servlet>
+ <description>Main Control Servlet</description>
+ <display-name>ControlServlet</display-name>
+ <servlet-name>ControlServlet</servlet-name>
+ <servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>ControlServlet</servlet-name>
+ <url-pattern>/control/*</url-pattern>
+ </servlet-mapping>
+
+ <session-config>
+ <session-timeout>60</session-timeout>
+ 
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
+ </session-config>
+
+ <welcome-file-list>
+ <welcome-file>index.jsp</welcome-file>
+ </welcome-file-list>
+ 
+
+ 
+
+ 

-
+ 
</web-app>

Modified: ofbiz/branches/release14.12/framework/images/webapp/images/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/framework/images/webapp/images/WEB-INF/web.xml?rev=1719874&r1=1719873&r2=1719874&view=diff
==============================================================================
--- ofbiz/branches/release14.12/framework/images/webapp/images/WEB-INF/web.xml (original)
+++ ofbiz/branches/release14.12/framework/images/webapp/images/WEB-INF/web.xml Mon Dec 14 10:09:19 2015
@@ -1,5 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">


-<web-app>
+<web-app version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>Apache OFBiz - demostore images</display-name>
<description>Demo Store Images for the Apache OFBiz Project</description>

<session-config>
<session-timeout>1</session-timeout>
+ <cookie-config>
+ <http-only>true</http-only>
+ <secure>true</secure>
+ </cookie-config>
+ <tracking-mode>COOKIE</tracking-mode>
</session-config>

<welcome-file-list>