diff options
| author | Patrik Lindström <99639133+thevaadinman@users.noreply.github.com> | 2024-11-08 10:02:31 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-11-08 10:02:31 +0200 |
| commit | 504ce433eaa06e329fbbce53f430c49c69768ba2 (patch) | |
| tree | 54279e0b829a663d8f1cf59ec0020ce54e826ff3 | |
| parent | 72f83d795cea1b0c4e02fd01b99bb7b5776ab792 (diff) | |
| download | vaadin-framework-504ce433eaa06e329fbbce53f430c49c69768ba2.tar.gz vaadin-framework-504ce433eaa06e329fbbce53f430c49c69768ba2.zip | |
Adds a warning banner to the Vaadin startup when not in production mode, warning the user about known security vulnerabilities and encouraging them to upgrade to a supported version.
| -rw-r--r-- | server/src/main/java/com/vaadin/server/Constants.java | 20 | ||||
| -rw-r--r-- | server/src/main/java/com/vaadin/server/DefaultDeploymentConfiguration.java | 3 |
2 files changed, 23 insertions, 0 deletions
diff --git a/server/src/main/java/com/vaadin/server/Constants.java b/server/src/main/java/com/vaadin/server/Constants.java index 754e52b70a..07581e4913 100644 --- a/server/src/main/java/com/vaadin/server/Constants.java +++ b/server/src/main/java/com/vaadin/server/Constants.java @@ -102,6 +102,26 @@ public interface Constants { + "VaadinService if you're not using custom class loader.\n" + "NullPointerExceptions will be thrown later." + "================================================================="; + + static final String UNMAINTAINED_VERSION_WARNING = "\n" + + " .::::::::::::::::::::::: WARNING :::::::::::::::::::::::. \n" + + "::' '::\n" + + ":: ::\n" + + ":: P L E A S E N O T E ::\n" + + ":: ::\n" + + ":: ::\n" + + ":: This is an unmaintained version of Vaadin Framework ::\n" + + ":: with known security issues. ::\n" + + ":: ::\n" + + ":: To upgrade to a maintained version, go to ::\n" + + ":: ::\n" + + ":: https://vaadin.com/vaadin-8-extended-maintenance ::\n" + + ":: ::\n" + + ":: ::\n" + + "::. .::\n" + + " '::::::::::::::::::::::: WARNING :::::::::::::::::::::::' \n" + + "\n"; + static final String URL_PARAMETER_THEME = "theme"; diff --git a/server/src/main/java/com/vaadin/server/DefaultDeploymentConfiguration.java b/server/src/main/java/com/vaadin/server/DefaultDeploymentConfiguration.java index eee17f11e2..eee351b630 100644 --- a/server/src/main/java/com/vaadin/server/DefaultDeploymentConfiguration.java +++ b/server/src/main/java/com/vaadin/server/DefaultDeploymentConfiguration.java @@ -265,12 +265,15 @@ public class DefaultDeploymentConfiguration /** * Log a warning if Vaadin is not running in production mode. + * + * Also show a warning about unmaintained version. */ private void checkProductionMode() { productionMode = getApplicationOrSystemProperty( Constants.SERVLET_PARAMETER_PRODUCTION_MODE, "false") .equals("true"); if (!productionMode) { + getLogger().warning(Constants.UNMAINTAINED_VERSION_WARNING); getLogger().warning(Constants.NOT_PRODUCTION_MODE_INFO); } } |