Files

Avgustin Marinov acff82f60f Small security improvements (#1412 )

Typos fixed

Disables empty string gateway token for sure. Test if the gateway token is not empty string ecplicitly.
Empty string is the default value and if accepted could be a security vulnerability (e.g. enabling gateway token
authentication and using empty string as token). According to https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.4
the header value shall not have trailing spaces and the http server shall already have trimmed them. So if execution passes
start with "GatewayToken " then token shall not be empty. But but let's check anyway

In UI first set key then enable the gateway token authentication. Otherwise the key might be left empty (default). This however
shall not be really problem since (because of token trimming) the empty token will be rejected anyway.

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>

2023-08-16 14:25:17 +03:00

src

Small security improvements (#1412 )

2023-08-16 14:25:17 +03:00

.gitignore

Remove and Rename modules

2016-05-18 13:48:04 +02:00

pom.xml

[#1383 ] Spring Boot 3 Migration / Step 1 (#1384 )

2023-07-17 10:36:26 +03:00

README.md

[#1378 ] Switch to Tomcat

2023-06-28 16:23:39 +03:00

README.md

hawkBit User Interface

The hawkBit user interface is based on the Vaadin and Vaadin-Spring framework and allows to manage software updates and large scale roll-outs via a user interface.

Debugging client-side code

Debug using SuperDevMode

The SuperDevMode can be used to debug client side code without any browser plugin.

Using SuperDevMode with chrome :

Add required maven dependencies
- Add vaadin-client-compiler dependency
Set redirect property in the AppWidgetSet.gwt.xml module descriptor as follows
- < set-configuration-property name="devModeRedirectEnabled" value="true" />
Create launch configuration for the SuperDevMode
- The main class to execute should be com.google.gwt.dev.codeserver.CodeServer.
- Add fully-qualified class name of widgetset (org.eclipse.hawkbit.ui.AppWidgetSet) as parameter
Enable debug in chrome
- Chrome inspector window ▸ Click on settings icon ▸ Scripts ▸ Enable source maps option
Run the SuperDevMode Code Server with the launch configuration created above
Open http://localhost:8080/UI/?debug .Click on "SuperDev" button in debug console (Alternatively can directly add ?superdevmode parameter to URL)
Widgetset is compiled and you can see the java code files loaded in 'Chrome inspector window ▸ Source tab'

Using SuperDevMode with Eclipse :

Install the plugin from http://sdbg.github.io/p2
Start the server and Super Dev Mode as mentioned above
Create a new launch configuration in Eclipse
- Type is "Launch Chrome"
- http://localhost:8080/UI/?superdevmode
Launch the new configuration in debug mode
Now breakpoints in eclipse can be set