Will Sargent
Will Sargent
@h3xstream let me know if I can help with this.
@h3xstream okay, have posted to https://groups.google.com/d/topic/play-framework/hPbpqCzk53M/discussion for more projects :-)
@h3xstream I would also suggest checking for SecurityHeadersFilter in Play: https://www.playframework.com/documentation/2.4.x/SecurityHeaders
Source code is enabled by setting `` in a logback.xml file https://tersesystems.github.io/blindsight/usage/sourcecode.html
...I could have sworn I fixed this already, but #8256 shows as open. @brunoballekens any errors or warnings in Logback? Do you have a work around?
@brunoballekens I've done something like that in https://github.com/wsargent/play-jdk13-alpine-slim but I don't remember seeing logback initialized twice.
Okay, yes. This is from https://github.com/playframework/playframework/pull/8809 and is intended behavior (per the PR) to wipe out any prior JUL configuration.
@mkurz done!
The JDK 1.6 TLS stack (aka JSSE) runs into this -- it can only send TLSv1, but then follows up with an SSLv2Hello, which causes the server to explode.