Update the Java Play Framework generator to version 2.6.3 (#6356)

This commit is contained in:
Jean-François Côté 2017-08-23 22:23:10 -04:00 committed by wing328
parent 6ff612ffcb
commit 006b97525f
46 changed files with 234 additions and 72 deletions

View File

@ -15,6 +15,8 @@
# HOCON will fall back to substituting environment variable:
#mykey = ${JAVA_HOME}
play.filters.headers.contentSecurityPolicy=null
{{#handleExceptions}}
play.http.errorHandler="swagger.ErrorHandler"
{{/handleExceptions}}
@ -44,7 +46,7 @@ akka {
# ~~~~~
# The secret key is used to sign Play's session cookie.
# This must be changed for production, but we don't recommend you change it in this file.
play.crypto.secret = "changeme"
play.http.secret.key = "changeme"
## Modules
# https://www.playframework.com/documentation/latest/Modules
@ -69,6 +71,11 @@ play.modules {
{{/useInterfaces}}
}
play.assets {
path = "/public"
urlPrefix = "/assets"
}
## IDE
# https://www.playframework.com/documentation/latest/IDE
# ~~~~~
@ -268,7 +275,8 @@ csrf {
# ~~~~~
# Defines security headers that prevent XSS attacks.
# If enabled, then all options are set to the below configuration by default:
headers {
play.filters.headers {
# The X-Frame-Options header. If null, the header is not set.
#frameOptions = "DENY"
@ -282,7 +290,13 @@ headers {
#permittedCrossDomainPolicies = "master-only"
# The Content-Security-Policy header. If null, the header is not set.
#contentSecurityPolicy = "default-src 'self'"
contentSecurityPolicy = "default-src 'self'"
# The Referrer-Policy header. If null, the header is not set.
#referrerPolicy = "origin-when-cross-origin, strict-origin-when-cross-origin"
# If true, allow an action to use .withHeaders to replace one or more of the above headers
#allowActionSpecificHeaders = false
}
## Allowed hosts filter configuration

View File

@ -4,11 +4,12 @@ version := "1.0-SNAPSHOT"
lazy val root = (project in file(".")).enablePlugins(PlayJava)
scalaVersion := "2.11.7"
scalaVersion := "2.12.2"
{{#useSwaggerUI}}
libraryDependencies += "org.webjars" % "swagger-ui" % "2.2.10-1"
libraryDependencies += "org.webjars" % "swagger-ui" % "3.1.5"
{{/useSwaggerUI}}
{{#useBeanValidation}}
libraryDependencies += "javax.validation" % "validation-api" % "1.1.0.Final"
{{/useBeanValidation}}
libraryDependencies += guice

View File

@ -1 +1 @@
sbt.version=0.13.11
sbt.version=0.13.15

View File

@ -1,2 +1,2 @@
// The Play plugin
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.5.13")
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.3")

View File

@ -19,4 +19,5 @@ GET /api controllers.ApiDocController.api
{{/apiInfo}}
# Map static resources from the /public folder to the /assets URL path
GET /assets/*file controllers.Assets.versioned(path="/public", file: Asset)
GET /assets/*file controllers.Assets.at(file)
GET /versionedAssets/*file controllers.Assets.versioned(file)

View File

@ -4,7 +4,8 @@ version := "1.0-SNAPSHOT"
lazy val root = (project in file(".")).enablePlugins(PlayJava)
scalaVersion := "2.11.7"
scalaVersion := "2.12.2"
libraryDependencies += "org.webjars" % "swagger-ui" % "2.2.10-1"
libraryDependencies += "org.webjars" % "swagger-ui" % "3.1.5"
libraryDependencies += "javax.validation" % "validation-api" % "1.1.0.Final"
libraryDependencies += guice

View File

@ -15,6 +15,8 @@
# HOCON will fall back to substituting environment variable:
#mykey = ${JAVA_HOME}
play.filters.headers.contentSecurityPolicy=null
play.http.errorHandler="swagger.ErrorHandler"
## Akka
@ -42,7 +44,7 @@ akka {
# ~~~~~
# The secret key is used to sign Play's session cookie.
# This must be changed for production, but we don't recommend you change it in this file.
play.crypto.secret = "changeme"
play.http.secret.key = "changeme"
## Modules
# https://www.playframework.com/documentation/latest/Modules
@ -62,6 +64,11 @@ play.modules {
disabled += "Module"
}
play.assets {
path = "/public"
urlPrefix = "/assets"
}
## IDE
# https://www.playframework.com/documentation/latest/IDE
# ~~~~~
@ -261,7 +268,8 @@ csrf {
# ~~~~~
# Defines security headers that prevent XSS attacks.
# If enabled, then all options are set to the below configuration by default:
headers {
play.filters.headers {
# The X-Frame-Options header. If null, the header is not set.
#frameOptions = "DENY"
@ -275,7 +283,13 @@ headers {
#permittedCrossDomainPolicies = "master-only"
# The Content-Security-Policy header. If null, the header is not set.
#contentSecurityPolicy = "default-src 'self'"
contentSecurityPolicy = "default-src 'self'"
# The Referrer-Policy header. If null, the header is not set.
#referrerPolicy = "origin-when-cross-origin, strict-origin-when-cross-origin"
# If true, allow an action to use .withHeaders to replace one or more of the above headers
#allowActionSpecificHeaders = false
}
## Allowed hosts filter configuration

View File

@ -32,4 +32,5 @@ GET /v2/user/logout controllers.UserApiController.logout
PUT /v2/user/:username controllers.UserApiController.updateUser(username: String)
# Map static resources from the /public folder to the /assets URL path
GET /assets/*file controllers.Assets.versioned(path="/public", file: Asset)
GET /assets/*file controllers.Assets.at(file)
GET /versionedAssets/*file controllers.Assets.versioned(file)

View File

@ -1 +1 @@
sbt.version=0.13.11
sbt.version=0.13.15

View File

@ -1,2 +1,2 @@
// The Play plugin
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.5.13")
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.3")

View File

@ -4,7 +4,8 @@ version := "1.0-SNAPSHOT"
lazy val root = (project in file(".")).enablePlugins(PlayJava)
scalaVersion := "2.11.7"
scalaVersion := "2.12.2"
libraryDependencies += "org.webjars" % "swagger-ui" % "2.2.10-1"
libraryDependencies += "org.webjars" % "swagger-ui" % "3.1.5"
libraryDependencies += "javax.validation" % "validation-api" % "1.1.0.Final"
libraryDependencies += guice

View File

@ -15,6 +15,8 @@
# HOCON will fall back to substituting environment variable:
#mykey = ${JAVA_HOME}
play.filters.headers.contentSecurityPolicy=null
play.http.errorHandler="swagger.ErrorHandler"
## Akka
@ -42,7 +44,7 @@ akka {
# ~~~~~
# The secret key is used to sign Play's session cookie.
# This must be changed for production, but we don't recommend you change it in this file.
play.crypto.secret = "changeme"
play.http.secret.key = "changeme"
## Modules
# https://www.playframework.com/documentation/latest/Modules
@ -61,6 +63,11 @@ play.modules {
# If there are any built-in modules that you want to disable, you can list them here.
}
play.assets {
path = "/public"
urlPrefix = "/assets"
}
## IDE
# https://www.playframework.com/documentation/latest/IDE
# ~~~~~
@ -260,7 +267,8 @@ csrf {
# ~~~~~
# Defines security headers that prevent XSS attacks.
# If enabled, then all options are set to the below configuration by default:
headers {
play.filters.headers {
# The X-Frame-Options header. If null, the header is not set.
#frameOptions = "DENY"
@ -274,7 +282,13 @@ headers {
#permittedCrossDomainPolicies = "master-only"
# The Content-Security-Policy header. If null, the header is not set.
#contentSecurityPolicy = "default-src 'self'"
contentSecurityPolicy = "default-src 'self'"
# The Referrer-Policy header. If null, the header is not set.
#referrerPolicy = "origin-when-cross-origin, strict-origin-when-cross-origin"
# If true, allow an action to use .withHeaders to replace one or more of the above headers
#allowActionSpecificHeaders = false
}
## Allowed hosts filter configuration

View File

@ -45,4 +45,5 @@ GET /v2/user/logout controllers.UserApiController.logout
PUT /v2/user/:username controllers.UserApiController.updateUser(username: String)
# Map static resources from the /public folder to the /assets URL path
GET /assets/*file controllers.Assets.versioned(path="/public", file: Asset)
GET /assets/*file controllers.Assets.at(file)
GET /versionedAssets/*file controllers.Assets.versioned(file)

View File

@ -1 +1 @@
sbt.version=0.13.11
sbt.version=0.13.15

View File

@ -1,2 +1,2 @@
// The Play plugin
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.5.13")
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.3")

View File

@ -4,6 +4,7 @@ version := "1.0-SNAPSHOT"
lazy val root = (project in file(".")).enablePlugins(PlayJava)
scalaVersion := "2.11.7"
scalaVersion := "2.12.2"
libraryDependencies += "org.webjars" % "swagger-ui" % "2.2.10-1"
libraryDependencies += "org.webjars" % "swagger-ui" % "3.1.5"
libraryDependencies += guice

View File

@ -15,6 +15,8 @@
# HOCON will fall back to substituting environment variable:
#mykey = ${JAVA_HOME}
play.filters.headers.contentSecurityPolicy=null
play.http.errorHandler="swagger.ErrorHandler"
## Akka
@ -42,7 +44,7 @@ akka {
# ~~~~~
# The secret key is used to sign Play's session cookie.
# This must be changed for production, but we don't recommend you change it in this file.
play.crypto.secret = "changeme"
play.http.secret.key = "changeme"
## Modules
# https://www.playframework.com/documentation/latest/Modules
@ -61,6 +63,11 @@ play.modules {
# If there are any built-in modules that you want to disable, you can list them here.
}
play.assets {
path = "/public"
urlPrefix = "/assets"
}
## IDE
# https://www.playframework.com/documentation/latest/IDE
# ~~~~~
@ -260,7 +267,8 @@ csrf {
# ~~~~~
# Defines security headers that prevent XSS attacks.
# If enabled, then all options are set to the below configuration by default:
headers {
play.filters.headers {
# The X-Frame-Options header. If null, the header is not set.
#frameOptions = "DENY"
@ -274,7 +282,13 @@ headers {
#permittedCrossDomainPolicies = "master-only"
# The Content-Security-Policy header. If null, the header is not set.
#contentSecurityPolicy = "default-src 'self'"
contentSecurityPolicy = "default-src 'self'"
# The Referrer-Policy header. If null, the header is not set.
#referrerPolicy = "origin-when-cross-origin, strict-origin-when-cross-origin"
# If true, allow an action to use .withHeaders to replace one or more of the above headers
#allowActionSpecificHeaders = false
}
## Allowed hosts filter configuration

View File

@ -32,4 +32,5 @@ GET /v2/user/logout controllers.UserApiController.logout
PUT /v2/user/:username controllers.UserApiController.updateUser(username: String)
# Map static resources from the /public folder to the /assets URL path
GET /assets/*file controllers.Assets.versioned(path="/public", file: Asset)
GET /assets/*file controllers.Assets.at(file)
GET /versionedAssets/*file controllers.Assets.versioned(file)

View File

@ -1 +1 @@
sbt.version=0.13.11
sbt.version=0.13.15

View File

@ -1,2 +1,2 @@
// The Play plugin
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.5.13")
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.3")

View File

@ -4,7 +4,8 @@ version := "1.0-SNAPSHOT"
lazy val root = (project in file(".")).enablePlugins(PlayJava)
scalaVersion := "2.11.7"
scalaVersion := "2.12.2"
libraryDependencies += "org.webjars" % "swagger-ui" % "2.2.10-1"
libraryDependencies += "org.webjars" % "swagger-ui" % "3.1.5"
libraryDependencies += "javax.validation" % "validation-api" % "1.1.0.Final"
libraryDependencies += guice

View File

@ -15,6 +15,8 @@
# HOCON will fall back to substituting environment variable:
#mykey = ${JAVA_HOME}
play.filters.headers.contentSecurityPolicy=null
## Akka
# https://www.playframework.com/documentation/latest/ScalaAkka#Configuration
@ -41,7 +43,7 @@ akka {
# ~~~~~
# The secret key is used to sign Play's session cookie.
# This must be changed for production, but we don't recommend you change it in this file.
play.crypto.secret = "changeme"
play.http.secret.key = "changeme"
## Modules
# https://www.playframework.com/documentation/latest/Modules
@ -60,6 +62,11 @@ play.modules {
# If there are any built-in modules that you want to disable, you can list them here.
}
play.assets {
path = "/public"
urlPrefix = "/assets"
}
## IDE
# https://www.playframework.com/documentation/latest/IDE
# ~~~~~
@ -259,7 +266,8 @@ csrf {
# ~~~~~
# Defines security headers that prevent XSS attacks.
# If enabled, then all options are set to the below configuration by default:
headers {
play.filters.headers {
# The X-Frame-Options header. If null, the header is not set.
#frameOptions = "DENY"
@ -273,7 +281,13 @@ headers {
#permittedCrossDomainPolicies = "master-only"
# The Content-Security-Policy header. If null, the header is not set.
#contentSecurityPolicy = "default-src 'self'"
contentSecurityPolicy = "default-src 'self'"
# The Referrer-Policy header. If null, the header is not set.
#referrerPolicy = "origin-when-cross-origin, strict-origin-when-cross-origin"
# If true, allow an action to use .withHeaders to replace one or more of the above headers
#allowActionSpecificHeaders = false
}
## Allowed hosts filter configuration

View File

@ -32,4 +32,5 @@ GET /v2/user/logout controllers.UserApiController.logout
PUT /v2/user/:username controllers.UserApiController.updateUser(username: String)
# Map static resources from the /public folder to the /assets URL path
GET /assets/*file controllers.Assets.versioned(path="/public", file: Asset)
GET /assets/*file controllers.Assets.at(file)
GET /versionedAssets/*file controllers.Assets.versioned(file)

View File

@ -1 +1 @@
sbt.version=0.13.11
sbt.version=0.13.15

View File

@ -1,2 +1,2 @@
// The Play plugin
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.5.13")
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.3")

View File

@ -4,7 +4,8 @@ version := "1.0-SNAPSHOT"
lazy val root = (project in file(".")).enablePlugins(PlayJava)
scalaVersion := "2.11.7"
scalaVersion := "2.12.2"
libraryDependencies += "org.webjars" % "swagger-ui" % "2.2.10-1"
libraryDependencies += "org.webjars" % "swagger-ui" % "3.1.5"
libraryDependencies += "javax.validation" % "validation-api" % "1.1.0.Final"
libraryDependencies += guice

View File

@ -15,6 +15,8 @@
# HOCON will fall back to substituting environment variable:
#mykey = ${JAVA_HOME}
play.filters.headers.contentSecurityPolicy=null
play.http.errorHandler="swagger.ErrorHandler"
## Akka
@ -42,7 +44,7 @@ akka {
# ~~~~~
# The secret key is used to sign Play's session cookie.
# This must be changed for production, but we don't recommend you change it in this file.
play.crypto.secret = "changeme"
play.http.secret.key = "changeme"
## Modules
# https://www.playframework.com/documentation/latest/Modules
@ -62,6 +64,11 @@ play.modules {
disabled += "Module"
}
play.assets {
path = "/public"
urlPrefix = "/assets"
}
## IDE
# https://www.playframework.com/documentation/latest/IDE
# ~~~~~
@ -261,7 +268,8 @@ csrf {
# ~~~~~
# Defines security headers that prevent XSS attacks.
# If enabled, then all options are set to the below configuration by default:
headers {
play.filters.headers {
# The X-Frame-Options header. If null, the header is not set.
#frameOptions = "DENY"
@ -275,7 +283,13 @@ headers {
#permittedCrossDomainPolicies = "master-only"
# The Content-Security-Policy header. If null, the header is not set.
#contentSecurityPolicy = "default-src 'self'"
contentSecurityPolicy = "default-src 'self'"
# The Referrer-Policy header. If null, the header is not set.
#referrerPolicy = "origin-when-cross-origin, strict-origin-when-cross-origin"
# If true, allow an action to use .withHeaders to replace one or more of the above headers
#allowActionSpecificHeaders = false
}
## Allowed hosts filter configuration

View File

@ -32,4 +32,5 @@ GET /v2/user/logout controllers.UserApiController.logout
PUT /v2/user/:username controllers.UserApiController.updateUser(username: String)
# Map static resources from the /public folder to the /assets URL path
GET /assets/*file controllers.Assets.versioned(path="/public", file: Asset)
GET /assets/*file controllers.Assets.at(file)
GET /versionedAssets/*file controllers.Assets.versioned(file)

View File

@ -1 +1,19 @@
2017-08-09 12:45:42,656 [INFO] from play.api.Play in ForkJoinPool-1-worker-1 - Application started (Dev)
2017-08-22 11:19:05,148 [INFO] from play.api.http.EnabledFilters in play-dev-mode-akka.actor.default-dispatcher-4 - Enabled Filters (see <https://www.playframework.com/documentation/latest/Filters>):
play.filters.csrf.CSRFFilter
play.filters.headers.SecurityHeadersFilter
play.filters.hosts.AllowedHostsFilter
2017-08-22 11:19:05,151 [INFO] from play.api.Play in play-dev-mode-akka.actor.default-dispatcher-4 - Application started (Dev)
2017-08-22 11:19:05,274 [WARN] from play.api.mvc.DefaultJWTCookieDataCodec in play-dev-mode-akka.actor.default-dispatcher-4 - decode: cookie has invalid signature! message = JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted.
2017-08-22 11:19:05,275 [INFO] from play.api.mvc.DefaultJWTCookieDataCodec in play-dev-mode-akka.actor.default-dispatcher-4 - The JWT signature in the cookie does not match the locally computed signature with the server.
This usually indicates the browser has a leftover cookie from another Play application,
so clearing cookies may resolve this error message.
2017-08-22 11:19:12,122 [WARN] from play.api.mvc.DefaultJWTCookieDataCodec in play-dev-mode-akka.actor.default-dispatcher-4 - decode: cookie has invalid signature! message = JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted.
2017-08-22 11:19:12,122 [INFO] from play.api.mvc.DefaultJWTCookieDataCodec in play-dev-mode-akka.actor.default-dispatcher-4 - The JWT signature in the cookie does not match the locally computed signature with the server.
This usually indicates the browser has a leftover cookie from another Play application,
so clearing cookies may resolve this error message.
2017-08-22 11:19:12,173 [WARN] from play.api.mvc.DefaultJWTCookieDataCodec in play-dev-mode-akka.actor.default-dispatcher-4 - decode: cookie has invalid signature! message = JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted.
2017-08-22 11:19:12,173 [INFO] from play.api.mvc.DefaultJWTCookieDataCodec in play-dev-mode-akka.actor.default-dispatcher-4 - The JWT signature in the cookie does not match the locally computed signature with the server.
This usually indicates the browser has a leftover cookie from another Play application,
so clearing cookies may resolve this error message.

View File

@ -1 +1 @@
sbt.version=0.13.11
sbt.version=0.13.15

View File

@ -1,2 +1,2 @@
// The Play plugin
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.5.13")
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.3")

View File

@ -4,6 +4,7 @@ version := "1.0-SNAPSHOT"
lazy val root = (project in file(".")).enablePlugins(PlayJava)
scalaVersion := "2.11.7"
scalaVersion := "2.12.2"
libraryDependencies += "javax.validation" % "validation-api" % "1.1.0.Final"
libraryDependencies += guice

View File

@ -15,6 +15,8 @@
# HOCON will fall back to substituting environment variable:
#mykey = ${JAVA_HOME}
play.filters.headers.contentSecurityPolicy=null
play.http.errorHandler="swagger.ErrorHandler"
## Akka
@ -42,7 +44,7 @@ akka {
# ~~~~~
# The secret key is used to sign Play's session cookie.
# This must be changed for production, but we don't recommend you change it in this file.
play.crypto.secret = "changeme"
play.http.secret.key = "changeme"
## Modules
# https://www.playframework.com/documentation/latest/Modules
@ -61,6 +63,11 @@ play.modules {
# If there are any built-in modules that you want to disable, you can list them here.
}
play.assets {
path = "/public"
urlPrefix = "/assets"
}
## IDE
# https://www.playframework.com/documentation/latest/IDE
# ~~~~~
@ -260,7 +267,8 @@ csrf {
# ~~~~~
# Defines security headers that prevent XSS attacks.
# If enabled, then all options are set to the below configuration by default:
headers {
play.filters.headers {
# The X-Frame-Options header. If null, the header is not set.
#frameOptions = "DENY"
@ -274,7 +282,13 @@ headers {
#permittedCrossDomainPolicies = "master-only"
# The Content-Security-Policy header. If null, the header is not set.
#contentSecurityPolicy = "default-src 'self'"
contentSecurityPolicy = "default-src 'self'"
# The Referrer-Policy header. If null, the header is not set.
#referrerPolicy = "origin-when-cross-origin, strict-origin-when-cross-origin"
# If true, allow an action to use .withHeaders to replace one or more of the above headers
#allowActionSpecificHeaders = false
}
## Allowed hosts filter configuration

View File

@ -31,4 +31,5 @@ GET /v2/user/logout controllers.UserApiController.logout
PUT /v2/user/:username controllers.UserApiController.updateUser(username: String)
# Map static resources from the /public folder to the /assets URL path
GET /assets/*file controllers.Assets.versioned(path="/public", file: Asset)
GET /assets/*file controllers.Assets.at(file)
GET /versionedAssets/*file controllers.Assets.versioned(file)

View File

@ -1 +1 @@
sbt.version=0.13.11
sbt.version=0.13.15

View File

@ -1,2 +1,2 @@
// The Play plugin
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.5.13")
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.3")

View File

@ -4,7 +4,8 @@ version := "1.0-SNAPSHOT"
lazy val root = (project in file(".")).enablePlugins(PlayJava)
scalaVersion := "2.11.7"
scalaVersion := "2.12.2"
libraryDependencies += "org.webjars" % "swagger-ui" % "2.2.10-1"
libraryDependencies += "org.webjars" % "swagger-ui" % "3.1.5"
libraryDependencies += "javax.validation" % "validation-api" % "1.1.0.Final"
libraryDependencies += guice

View File

@ -15,6 +15,8 @@
# HOCON will fall back to substituting environment variable:
#mykey = ${JAVA_HOME}
play.filters.headers.contentSecurityPolicy=null
play.http.errorHandler="swagger.ErrorHandler"
## Akka
@ -42,7 +44,7 @@ akka {
# ~~~~~
# The secret key is used to sign Play's session cookie.
# This must be changed for production, but we don't recommend you change it in this file.
play.crypto.secret = "changeme"
play.http.secret.key = "changeme"
## Modules
# https://www.playframework.com/documentation/latest/Modules
@ -61,6 +63,11 @@ play.modules {
# If there are any built-in modules that you want to disable, you can list them here.
}
play.assets {
path = "/public"
urlPrefix = "/assets"
}
## IDE
# https://www.playframework.com/documentation/latest/IDE
# ~~~~~
@ -260,7 +267,8 @@ csrf {
# ~~~~~
# Defines security headers that prevent XSS attacks.
# If enabled, then all options are set to the below configuration by default:
headers {
play.filters.headers {
# The X-Frame-Options header. If null, the header is not set.
#frameOptions = "DENY"
@ -274,7 +282,13 @@ headers {
#permittedCrossDomainPolicies = "master-only"
# The Content-Security-Policy header. If null, the header is not set.
#contentSecurityPolicy = "default-src 'self'"
contentSecurityPolicy = "default-src 'self'"
# The Referrer-Policy header. If null, the header is not set.
#referrerPolicy = "origin-when-cross-origin, strict-origin-when-cross-origin"
# If true, allow an action to use .withHeaders to replace one or more of the above headers
#allowActionSpecificHeaders = false
}
## Allowed hosts filter configuration

View File

@ -32,4 +32,5 @@ GET /v2/user/logout controllers.UserApiController.logout
PUT /v2/user/:username controllers.UserApiController.updateUser(username: String)
# Map static resources from the /public folder to the /assets URL path
GET /assets/*file controllers.Assets.versioned(path="/public", file: Asset)
GET /assets/*file controllers.Assets.at(file)
GET /versionedAssets/*file controllers.Assets.versioned(file)

View File

@ -1 +1 @@
sbt.version=0.13.11
sbt.version=0.13.15

View File

@ -1,2 +1,2 @@
// The Play plugin
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.5.13")
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.3")

View File

@ -4,7 +4,8 @@ version := "1.0-SNAPSHOT"
lazy val root = (project in file(".")).enablePlugins(PlayJava)
scalaVersion := "2.11.7"
scalaVersion := "2.12.2"
libraryDependencies += "org.webjars" % "swagger-ui" % "2.2.10-1"
libraryDependencies += "org.webjars" % "swagger-ui" % "3.1.5"
libraryDependencies += "javax.validation" % "validation-api" % "1.1.0.Final"
libraryDependencies += guice

View File

@ -15,6 +15,8 @@
# HOCON will fall back to substituting environment variable:
#mykey = ${JAVA_HOME}
play.filters.headers.contentSecurityPolicy=null
play.http.errorHandler="swagger.ErrorHandler"
## Akka
@ -42,7 +44,7 @@ akka {
# ~~~~~
# The secret key is used to sign Play's session cookie.
# This must be changed for production, but we don't recommend you change it in this file.
play.crypto.secret = "changeme"
play.http.secret.key = "changeme"
## Modules
# https://www.playframework.com/documentation/latest/Modules
@ -61,6 +63,11 @@ play.modules {
# If there are any built-in modules that you want to disable, you can list them here.
}
play.assets {
path = "/public"
urlPrefix = "/assets"
}
## IDE
# https://www.playframework.com/documentation/latest/IDE
# ~~~~~
@ -260,7 +267,8 @@ csrf {
# ~~~~~
# Defines security headers that prevent XSS attacks.
# If enabled, then all options are set to the below configuration by default:
headers {
play.filters.headers {
# The X-Frame-Options header. If null, the header is not set.
#frameOptions = "DENY"
@ -274,7 +282,13 @@ headers {
#permittedCrossDomainPolicies = "master-only"
# The Content-Security-Policy header. If null, the header is not set.
#contentSecurityPolicy = "default-src 'self'"
contentSecurityPolicy = "default-src 'self'"
# The Referrer-Policy header. If null, the header is not set.
#referrerPolicy = "origin-when-cross-origin, strict-origin-when-cross-origin"
# If true, allow an action to use .withHeaders to replace one or more of the above headers
#allowActionSpecificHeaders = false
}
## Allowed hosts filter configuration

View File

@ -32,4 +32,5 @@ GET /v2/user/logout controllers.UserApiController.logout
PUT /v2/user/:username controllers.UserApiController.updateUser(username: String)
# Map static resources from the /public folder to the /assets URL path
GET /assets/*file controllers.Assets.versioned(path="/public", file: Asset)
GET /assets/*file controllers.Assets.at(file)
GET /versionedAssets/*file controllers.Assets.versioned(file)

View File

@ -1 +1 @@
sbt.version=0.13.11
sbt.version=0.13.15

View File

@ -1,2 +1,2 @@
// The Play plugin
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.5.13")
addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.3")