Skip to content

S
spring-boot
Switch branch/tag
History Find file
  • Andy Wilkinson's avatar
    Document security risks of DevTools' remote support more clearly · 89e050d7
    Andy Wilkinson authored 
    Previously, the security risks and our recommendations on how to
mitigate them were not documented as clearly as they could have been.
This commit makes some changes to try to address this:

1. The security risk is now noted at the beginning of the section
2. The recommendation to use SSL is now documented more prominently
   and an alternative recommendation to only use remote support on
   a trusted network has been added.
3. The example secret has been removed to prevent copy and paste
4. A recommendation to use a secret that is unique and strong has been
   added

Closes gh-18825
    89e050d7
Name
Last commit
 Last update
..
spring-boot Loading commit data...
spring-boot-actuator Loading commit data...
spring-boot-actuator-autoconfigure Loading commit data...
spring-boot-autoconfigure Loading commit data...
spring-boot-cli Loading commit data...
spring-boot-dependencies Loading commit data...
spring-boot-devtools Loading commit data...
spring-boot-docs Loading commit data...
spring-boot-parent Loading commit data...
spring-boot-properties-migrator Loading commit data...
spring-boot-starters Loading commit data...
spring-boot-test Loading commit data...
spring-boot-test-autoconfigure Loading commit data...
spring-boot-tools Loading commit data...
pom.xml Loading commit data...