### Play Framework Project Setup and Run Source: https://github.com/playframework/playframework.com/blob/main/app/views/gettingStarted.scala.html Instructions for setting up and running Play Framework sample projects. This includes cloning or downloading the play-samples repository, navigating to the project directory, and running the application using sbt. ```bash cd .// sbt run http://localhost:9000 ``` -------------------------------- ### Create New Play Project with sbt Source: https://github.com/playframework/playframework.com/blob/main/app/views/gettingStarted.scala.html Demonstrates how to create a new Play Framework project (Scala or Java) using the sbt new command and specifying a seed template. ```sbt sbt new # Choose playframework/play-scala-seed.g8 for Scala # Choose playframework/play-java-seed.g8 for Java ``` ```sbt sbt new playframework/play-java-seed.g8 --branch 2.9.x sbt new playframework/play-scala-seed.g8 --branch 2.9.x ``` -------------------------------- ### Install Play Module Locally Source: https://github.com/playframework/playframework.com/blob/main/app/views/modules/show.scala.html Command to install a Play module locally on your machine. This makes the module available for use in your projects. ```bash play install @(module.name)-{version} ``` -------------------------------- ### Play Framework Contribution Guide Source: https://github.com/playframework/playframework.com/blob/main/app/views/getInvolved.scala.html This section details how to contribute to the Play Framework. It covers donating via Open Collective, engaging with the community on Discuss Play forums and Discord, reporting bugs on GitHub, and contributing code or patches. ```scala @import controllers.documentation.ReverseRouter @(title: String = "Get involved")(using req: RequestHeader, reverseRouter: ReverseRouter) @main(title, "getInvolved"){ @title ====== How you can help ================ Play is an open source project and everyone is encouraged to get involved! There are lots of ways you can contribute. ### Donate to our Open Collective [300+ backers](//opencollective.com/playframework#section-contributors) Play uses [Open Collective](//opencollective.com/playframework) to collect donations from sponsors. These funds are used to pay contributors and cover project costs, openly and transparently. Individuals and companies alike can support Play financially by [becoming backers or premium sponsors](@routes.Application.sponsors). ### Join the Discuss Play forum The [Discuss Play Forum](//github.com/playframework/playframework/discussions) is where the Play community meets. Asking and answering questions on the discuss forum is a great way to share knowledge about Play. ### Join the Discord chat [Discord server](//discord.gg/g5s2vtZ4Fa) Discord is a real time chat channel like IRC. The [play-users](//discord.gg/g5s2vtZ4Fa) channel is used by Play users to discuss the ins and outs of writing great Play applications. ### Contribute to Stack Overflow [17,000+ questions](//stackoverflow.com/questions/tagged/playframework) Stack Overflow is a Q&A site for programmers. Stack Overflow has a very active community of people asking and answering [questions about Play](//stackoverflow.com/questions/tagged/playframework). Users can vote on each others' contributions and earn reputation points. ### Report bugs [950+ bug reporters](//github.com/playframework/playframework/issues) Bug reports help Play improve, so please report any issues you have! Play uses [GitHub to track issues](//github.com/playframework/playframework/issues). When you report bugs, make sure you include lots of detail, including reproducible tests, example code or anything else you think might help. Even if you're not ready to fix issues yourself just yet, you can help out by verifying issues that have been reported by others. Look for issues tagged with the [needs-verification label](//github.com/playframework/playframework/issues?labels=needs-verification). You can assist by looking at these issues and doing some checking to confirm whether they're bugs or not. You could provide reproducible tests or a sample project, or even just ask the original reporter for more information. ### Patch the core [900+ committers](//github.com/playframework/playframework/graphs/contributors) Play's code and documentation is hosted on [GitHub](//github.com/playframework/playframework). It's easy to [get the code and build Play from source](@reverseRouter.latest(None, ). Play development is discussed in the [GitHub Discussions forum](//github.com/playframework/playframework/discussions). You can ask on the list if you have any questions, or you can also chat to Play contributors through the [play-contributors](//discord.gg/g5s2vtZ4Fa) channel. You're welcome to work on any feature you like—Play is open source after all!—but if you'd like some good ideas, look for issues tagged with the [community label](//github.com/playframework/playframework/issues?labels=community). These issues are ready and waiting for volunteers to pick them up. To keep our code tidy and to make sure we work together smoothly there are some [Contributor Guidelines](//github.com/playframework/.github/blob/main/CONTRIBUTING.md) that you'll need to make sure you follow. ### Create modules You can add new features to Play applications by creating a module. Writing new modules is often easier than patching Play's core code. You can learn about creating modules for [Scala](@reverseRouter.latest(None, )) and [Java](@reverseRouter.latest(None, )). @commonSidebar() } ``` -------------------------------- ### Play Framework Navigation Links Source: https://github.com/playframework/playframework.com/blob/main/app/views/main.scala.html Provides navigation links for trying Play, accessing documentation, and getting involved with the community. ```HTML Try Play Documentation Get Involved ``` -------------------------------- ### Play Framework Routing Example Source: https://github.com/playframework/playframework.com/blob/main/app/views/index.scala.html This example demonstrates how routes are defined in Play Framework, mapping HTTP requests to controller actions. The `@routes.Assets.versioned()` helper is used for serving versioned assets. ```Scala @routes.Assets.versioned() // Example of routing to a controller action ``` -------------------------------- ### Standard JVM Performance Metrics Source: https://github.com/playframework/playframework.com/blob/main/app/views/blog/graal.scala.html Example output from the wrk benchmarking tool showing performance metrics for a Play application running on a standard JVM. ```bash Running 1m test @@ http://195.201.117.210:9000 2 threads and 100 connections Thread Stats Avg Stdev Max +/- Stdev Latency 38.41ms 70.39ms 1.79s 97.70% Req/Sec 1.62k 219.60 3.10k 74.37% 193123 requests in 1.00m, 1.33GB read Requests/sec: 3216.56 Transfer/sec: 22.70MB ``` -------------------------------- ### Play Application with GraalVM Performance Metrics Source: https://github.com/playframework/playframework.com/blob/main/app/views/blog/graal.scala.html Example output from the wrk benchmarking tool showing performance metrics for a Play application running on GraalVM. ```bash Running 1m test @@ http://195.201.117.210:9000 2 threads and 100 connections Thread Stats Avg Stdev Max +/- Stdev Latency 33.83ms 62.66ms 1.56s 94.36% Req/Sec 2.15k 314.10 3.17k 68.92% 255800 requests in 1.00m, 1.76GB read Requests/sec: 4260.50 Transfer/sec: 30.07MB ``` -------------------------------- ### Play Framework Asset Versioning Example Source: https://github.com/playframework/playframework.com/blob/main/app/views/main.scala.html Demonstrates how to link to versioned assets in Play Framework, typically used for images or other static files. ```HTML ![](@routes.Assets.versioned()) [(svg)](@routes.Assets.versioned()) [(png)](@routes.Assets.versioned()) ``` -------------------------------- ### Play Framework Scala Template Example Source: https://github.com/playframework/playframework.com/blob/main/app/views/markdownPage.scala.html An example of a Scala template used in Play Framework, demonstrating how to include titles, markdown content, and sidebars. ```scala @import controllers.documentation.ReverseRouter @(title: String, markdown: Html)(using req: RequestHeader, reverseRouter: ReverseRouter) @main(title, "markdown"){ @title ====== @markdown @commonSidebar() @prettify() } ``` -------------------------------- ### Play Socket.IO Chat Engine Example (Scala) Source: https://github.com/playframework/playframework.com/blob/main/app/views/blog/socketio.scala.html A minimal chat engine example written in Play Scala using the play-socket.io library. It demonstrates how to define codecs for message encoding/decoding and set up a chat flow using Akka streams MergeHub and BroadcastHub. ```scala import akka.stream.Materializer import akka.stream.scaladsl._ import play.engineio.EngineIOController import play.socketio.scaladsl.SocketIO class ChatEngine(socketIO: SocketIO)(using mat: Materializer) { import play.socketio.scaladsl.SocketIOEventCodec._ // codec to encode/codec chat message events to/from strings val decoder = decodeByName { case "chat message" => decodeJson[String] } val encoder = encodeByType[String] { case _: String => "chat message" -> encodeJson[String] } // Merge/broadcast hub that each client will connect to private val chatFlow = { val (sink, source) = MergeHub.source[String] .toMat(BroadcastHub.sink)(Keep.both).run Flow.fromSinkAndSourceCoupled(sink, source) } val controller: EngineIOController = socketIO.builder .addNamespace("/chat", decoder, encoder, chatFlow) .createController() } ``` -------------------------------- ### Play Framework Module Creation Source: https://github.com/playframework/playframework.com/blob/main/app/views/getInvolved.scala.html Information on creating new modules for Play Framework applications. This guide provides links to learn about module creation for both Scala and Java. ```java You can learn about creating modules for [Scala](@reverseRouter.latest(None, )) and [Java](@reverseRouter.latest(None, )). ``` -------------------------------- ### Play Framework Core Links Source: https://github.com/playframework/playframework.com/blob/main/app/views/main.scala.html Core links for Play Framework users, including trying Play, tutorials, and documentation. ```HTML * [Try Play](@routes.Application.download) * [Tutorials](@reverseRouter.latest(None, )) * [Documentation](@reverseRouter.index(None)) ``` -------------------------------- ### Cloning Play Framework Repositories Source: https://github.com/playframework/playframework.com/blob/main/README.md This snippet demonstrates how to clone the main Play Framework website repository and its associated documentation repositories, including generated docs and translations for different languages (Japanese, Turkish, French, Bulgarian). It also shows how to create symbolic links for the generated documentation. ```sh cd ~ git clone -o origin https://github.com/playframework/playframework.com.git mkdir ~/play-docs-translations cd ~/play-docs-translations git clone -o origin https://github.com/playframework/play-generated-docs.git generated git clone -o origin https://github.com/playframework-ja/translation-project.git ja git clone -o origin https://github.com/PlayFrameworkTR/translation-project tr git clone -o origin https://github.com/cheleb/playframework-fr fr git clone -o origin https://github.com/antonsarov/translation-project bg cd ~/playframework.com/data/ ln -s ../../play-docs-translations/generated generated ``` -------------------------------- ### Play Framework Routing Example Source: https://github.com/playframework/playframework.com/blob/main/app/views/sponsors.scala.html An example of how Play Framework uses reverse routing to generate URLs for controllers. This snippet demonstrates the use of `@routes.Application.index().withFragment()` to link to the application's index page. ```scala @routes.Application.index().withFragment() ``` -------------------------------- ### Play Framework Scala Template Example Source: https://github.com/playframework/playframework.com/blob/main/app/views/outreachy/round15.scala.html An example of a Play Framework Scala template used for generating HTML content. It includes directives for importing reverse routers, defining page titles, and embedding content within a main layout. ```scala @import controllers.documentation.ReverseRouter @(title: String = "Outreachy")(using req: RequestHeader, reverseRouter: ReverseRouter) @main(title, "outreachy"){ @title ====== Outreachy - Round 15 -------------------- Lightbend and Play Framework are proud to be participating in [Outreachy](//www.outreachy.org/), a program to help groups that are underrepresented in free and open source software get involved. For detailed information about Outreachy, including how to apply, see the [main application page](//www.outreachy.org/apply/). This is the landing page for Outreachy Play Framework projects. Applications for Round 15 Play Framework projects close on the **23rd of October 2017**. Getting started --------------- The best way to get started is to read Play's [Get Involved](@routes.Application.getInvolved) page. From there you can find information about the project issue tracker and mailing lists, links to instructions for building Play from source. The best place to talk about Play development is on the [Play contributors Gitter channel](//gitter.im/playframework/contributors), while the [Play development mailing list](//groups.google.com/forum/#!forum/play-framework-dev) can be used for deeper architectural and design style discussions. Discussion about the Play Outreachy projects can be had in the [Play Outreachy Gitter channel](//gitter.im/playframework/outreachy), where Play Outreachy mentors can be found (though note that the Play team is very geographically distributed, including developers in Australia, USA, New Zealand and Europe, so don't expect to get immediate responses from any particular person. Projects -------- Lightbend is sponsoring one intern for Play Framework in Outreachy in Round 15. ### Play Module Directory Mentor: [Greg Methvin](//github.com/gmethvin) Play 1 offered a module directory for Play modules, which can still be found on the Play website [here](//playframework.com/modules). Unlike Play 1, where a home baked dependency management system was used, Play 2 uses sbt, which is able to use any Ivy or Maven based distribution system for distributing libraries. This makes the requirements of a module directory for Play 2 quite different to Play 1, which is why the Play 1 module directory has not been reused for Play 2. @commonSidebar() } ``` -------------------------------- ### Testing Play Application with wrk Source: https://github.com/playframework/playframework.com/blob/main/app/views/blog/graal.scala.html Command to benchmark the Play application's performance using the wrk tool, specifying connection count, duration, and threads. ```bash wrk -c100 -d1m -t2 http://graalserver:9000 ``` -------------------------------- ### Get Play Framework Source Code Source: https://github.com/playframework/playframework.com/blob/main/app/views/code.scala.html This snippet shows the Git command to clone the Play Framework repository from GitHub. ```git git clone git@@github.com:playframework/playframework.git ``` -------------------------------- ### Download Constretto Play Module Source: https://github.com/playframework/playframework.com/blob/main/README.md Downloads the Constretto module for Play Framework. This command fetches a zip archive from a GitHub raw content URL. ```bash curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/constretto-0.1.1.zip -o constretto-0.1.1.zip ``` -------------------------------- ### Download Openebay Play Module Source: https://github.com/playframework/playframework.com/blob/main/README.md Downloads the Openebay module for Play Framework. This command fetches a zip archive from a GitHub raw content URL. ```bash curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/openebay-0.1.zip -o openebay-0.1.zip ``` -------------------------------- ### Get Play 1.x Source Code Source: https://github.com/playframework/playframework.com/blob/main/app/views/code.scala.html This snippet shows the Git command to clone the repository for the older Play 1.x series. ```git git clone git@@github.com:playframework/play.git ``` -------------------------------- ### Download QUnit Play Module Source: https://github.com/playframework/playframework.com/blob/main/README.md Downloads the QUnit Play module (version 1.0) from the GitHub archive. This command uses curl to fetch the zip file and save it locally. ```shell curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/qunit-1.0.zip -o qunit-1.0.zip ``` -------------------------------- ### Download Neo4j Play Module Source: https://github.com/playframework/playframework.com/blob/main/README.md Downloads specific versions of the Neo4j module for Play Framework. These commands fetch zip archives from a GitHub raw content URL. ```bash curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/neo4j-1.0RC1.zip -o neo4j-1.0RC1.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/neo4j-1.0RC2.zip -o neo4j-1.0RC2.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/neo4j-1.0.zip -o neo4j-1.0.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/neo4j-1.0.1.zip -o neo4j-1.0.1.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/neo4j-1.0.2.zip -o neo4j-1.0.2.zip ``` -------------------------------- ### Play Framework Community Links Source: https://github.com/playframework/playframework.com/blob/main/app/views/index.scala.html Links to community resources for Play Framework, including GitHub discussions, Discord server, and Stack Overflow. ```HTML Play Forum ``` ```HTML Play's Discord server ``` ```HTML Stack Overflow ``` -------------------------------- ### Play Framework Routes for Socket.IO Source: https://github.com/playframework/playframework.com/blob/main/app/views/blog/socketio.scala.html Configures Play Framework routes to handle Socket.IO requests by directing them to the EngineIOController. Supports both GET and POST methods with a transport parameter. ```APIDOC GET /socket.io/ play.engineio.EngineIOController.endpoint(transport) POST /socket.io/ play.engineio.EngineIOController.endpoint(transport) ``` -------------------------------- ### C Code Example for GraalVM Execution Source: https://github.com/playframework/playframework.com/blob/main/app/views/blog/graal.scala.html This is a C code snippet that sets a URL for curl, performs a request, and retrieves the response code. This code is intended to be compiled into LLVM bitcode for execution by GraalVM. ```c curl_easy_setopt(curl, CURLOPT_URL, "http://example.com"); res = curl_easy_perform(curl); if(res == CURLE_OK) { curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response_code); } curl_easy_cleanup(curl); } return response_code; } ``` -------------------------------- ### Download Play Framework Liquibase Module Source: https://github.com/playframework/playframework.com/blob/main/README.md Downloads various versions of the Play Framework Liquibase module. These commands use curl to fetch the zip files from the GitHub archive and save them locally. ```bash curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-1.1.zip -o liquibase-1.1.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-1.0.zip -o liquibase-1.0.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-1.0.3.zip -o liquibase-1.0.3.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-1.1.3.zip -o liquibase-1.1.3.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-2.0.3.zip -o liquibase-2.0.3.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-2.1.0.zip -o liquibase-2.1.0.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-2.0.4.zip -o liquibase-2.0.4.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-2.1.1.zip -o liquibase-2.1.1.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-2.1.2.zip -o liquibase-2.1.2.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-2.2.zip -o liquibase-2.2.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-2.3.zip -o liquibase-2.3.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-2.3.1.zip -o liquibase-2.3.1.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-2.4.zip -o liquibase-2.4.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/liquibase-2.4.1.zip -o liquibase-2.4.1.zip ``` -------------------------------- ### Play Framework Sponsorship Benefits Source: https://github.com/playframework/playframework.com/blob/main/app/views/sponsors.scala.html Details the benefits for different sponsorship tiers in the Play Framework. Backers receive visibility on the website and GitHub, while premium sponsors get logo placement in release announcements and social media mentions. ```APIDOC Sponsorship Tiers: Backer: - Minimum donation: $5/month - Benefits: - Visibility on Play Framework website (backers section) - Visibility on Play GitHub repo main project page (backers section) Premium Sponsor: - Minimum donation: $1200/month or $14400/12 months - Benefits: - Company logo visibility on Play Framework website (front page) - Company logo visibility on Play GitHub repo main project page - Company logo mention in every release announcement - "Thank you" tweet from @playframework Contact: - Email: contact@playframework.com ``` -------------------------------- ### Download Postmark Play Module Source: https://github.com/playframework/playframework.com/blob/main/README.md Downloads the Postmark module for Play Framework. This command fetches a zip archive from a GitHub raw content URL. ```bash curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/postmark-1.0.zip -o postmark-1.0.zip ``` -------------------------------- ### Play Framework Module Listing Source: https://github.com/playframework/playframework.com/blob/main/app/views/modules/list.scala.html This Scala code snippet iterates through a sequence of Play Framework modules and displays their name, full name, author, and description. It also provides a link to get more details and versions for each module. ```Scala @import models.modules._ @import controllers.documentation.ReverseRouter @(modules: Seq[Module])(using req: RequestHeader, reverseRouter: ReverseRouter) @layout { @modules.map { module => [@module.name] @module.fullname by @module.author --------------------------------------------------- @Html(utils.Textile.toHTML(module.description)) [Get details and versions](@routes.Modules.show(module.name)) } ``` -------------------------------- ### Play Framework Community Support Links Source: https://github.com/playframework/playframework.com/blob/main/app/views/main.scala.html Provides links to community support channels for Play Framework, including Discuss Forum, Discord, and Stackoverflow. ```HTML * [Discuss Forum](//github.com/playframework/playframework/discussions) * [Discord](//discord.gg/g5s2vtZ4Fa) * [Stackoverflow](//stackoverflow.com/questions/tagged/playframework) ``` -------------------------------- ### Download MyBatisPlay Play Module Source: https://github.com/playframework/playframework.com/blob/main/README.md Downloads specific versions of the MyBatisPlay module for Play Framework. These commands fetch zip archives from a GitHub raw content URL. ```bash curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/mybatisplay-0.1.2.zip -o mybatisplay-0.1.2.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/mybatisplay-0.2.0.zip -o mybatisplay-0.2.0.zip ``` -------------------------------- ### Play Framework Security Advisories Source: https://github.com/playframework/playframework.com/blob/main/app/views/vulnerabilities.scala.html This section lists security vulnerabilities fixed in different Play Framework versions. Each entry includes a CVE identifier (if applicable) and a brief description of the vulnerability. The advisories are organized by Play Framework version, starting from the latest. ```scala @import controllers.documentation.ReverseRouter @()(using req: RequestHeader, reverseRouter: ReverseRouter) @main("Play Security Vulnerabilities", "security"){ Security Vulnerabilities ======================== Receiving security advisories ----------------------------- The best way to receive any and all security announcements is to subscribe to the [Play security list](//groups.google.com/forum/#!forum/play-framework-security). The mailing list is very low traffic, and receives notifications only after Security reports have been managed by the core team and fixes are publicly available. Reporting vulnerabilities ------------------------- We strongly encourage people to report such problems to our private security mailing list first, before disclosing them in a public forum. All security bugs in Play should be reported by email to [security@@playframework.com](mailto:security@@playframework.com). This list is delivered to a subset of the core team who handle security issues. Play 2.8.x ---------- ### Fixed in Play 2.8.16 * [CVE-2022-31018](//github.com/playframework/playframework/security/advisories/GHSA-v8x6-59g4-5g3w) - Denial of service when binding forms from JSON * [CVE-2022-31023](//github.com/playframework/playframework/security/advisories/GHSA-p9p4-97g9-wcrh) - Dev error stack trace leaking into prod ### Fixed in Play 2.8.5 * [CVE-2020-28923-ImproperRemovalofSensitiveInformationBeforeStorageorTransfer](@routes.Security.vulnerability()) - Improper Removal of Sensitive Information Before Storage or Transfer ### Fixed in Play 2.8.3 * [CVE-2020-26882-JsonParseDataAmplification](@routes.Security.vulnerability()) - JSON parse Data Amplification * [CVE-2020-26883-JsonParseUncontrolledRecursion](@routes.Security.vulnerability()) - JSON parse Uncontrolled Recursion * [CVE-2020-27196-DosViaJsonStackOverflow](@routes.Security.vulnerability()) - DoS via JSON parse Stack Overflow ### Fixed in Play 2.8.2 [CVE-2020-12480-CsrfBlacklistBypass](@routes.Security.vulnerability()) - Play CSRF Filter Content-Type black list bypass Play 2.7.x ---------- ### Fixed in Play 2.7.6 * [CVE-2020-26882-JsonParseDataAmplification](@routes.Security.vulnerability()) - JSON parse Data Amplification * [CVE-2020-26883-JsonParseUncontrolledRecursion](@routes.Security.vulnerability()) - JSON parse Uncontrolled Recursion * [CVE-2020-27196-DosViaJsonStackOverflow](@routes.Security.vulnerability()) - DoS via JSON parse Stack Overflow ### Fixed in Play 2.7.5 [CVE-2020-12480-CsrfBlacklistBypass](@routes.Security.vulnerability()) - Play CSRF Filter Content-Type black list bypass Play 2.6.x ---------- ### Fixed in Play 2.6.24 [CVE-2019-17598-PlayWSHttpConnectAuthorizationHeaders](@routes.Security.vulnerability()) - Play-WS sending HTTP CONNECT including authorizing headers to target host ### Fixed in Play 2.6.16 [CVE-2018-13864-PathTraversal](@routes.Security.vulnerability()) - Path traversal in Assets controller ### Fixed in Play 2.6.6 [20171005-CorsVaryHeader](@routes.Security.vulnerability()) - improper Vary header handling in CORS filter ### Fixed in Play 2.6.5 [20170828-InvalidUriParsing](@routes.Security.vulnerability()) - AsyncHttpClient and Play WS URI parsing vulnerability Play 2.5.x ---------- ### Fixed in Play 2.5.18 [20171005-CorsVaryHeader](@routes.Security.vulnerability()) - improper Vary header handling in CORS filter ### Fixed in Play 2.5.14 [20170407-LogbackDeser](@routes.Security.vulnerability()) - Java Deserialization vulnerability in Logback SocketAppender ### Fixed in Play 2.5.11 [20170120-WSOAuthDoS](@routes.Security.vulnerability()) - WS OAuth Denial of Service Play 2.4.x ---------- ### Fixed in Play 2.5.0 [20160304-CsrfBypass](@routes.Security.vulnerability()) - CSRF Bypass ### Fixed in Play 2.4.8 [20160622-JavaScriptRouterXSS](@routes.Security.vulnerability()) - JavaScript router XSS Play 2.3.x ---------- ### Fixed in Play 2.3.9 [CVE-2015-2156-HttpOnlyBypass](@routes.Security.vulnerability()) - Http only cookie bypass ### Fixed in Play 2.3.5 [CVE-2014-3630-XmlExternalEntity](@routes.Security.vulnerability()) - XML external entity vulnerability Play 2.2.x ---------- ### Fixed in Play 2.2.6 [CVE-2014-3630-XmlExternalEntity](@routes.Security.vulnerability()) - XML external entity vulnerability Play 2.1.x ---------- ### Fixed in Play 2.1.5 [20130920-XmlExternalEntity](@routes.Security.vulnerability()) - XML external entity vulnerability ### Fixed in Play 2.1.4 [20130911-XmlExternalEntity](@routes.Security.vulnerability()) - XML external entity vulnerability ### Fixed in Play 2.1.3 [20130806-SessionInjection](@routes.Security.vulnerability()) - Session injection vulnerability Play 2.0.x ---------- ### Fixed in Play 2.0.8 [20130920-XmlExternalEntity](@routes.Security.vulnerability()) - XML external entity vulnerability ### Fixed in Play 2.0.7 [20130911-XmlExternalEntity](@routes.Security.vulnerability()) - XML external entity vulnerability ``` -------------------------------- ### Play Framework Navigation and Version Links Source: https://github.com/playframework/playframework.com/blob/main/app/views/index.scala.html Provides links to download specific Play Framework versions and navigate to documentation. It dynamically displays the latest versions and their release names. ```Scala @releases.latest3.version or @releases.latest2.version@for(name <- releases.latest2.name){ "@name"} ``` ```Scala @routes.Application.download ``` ```Scala @routes.Application.allreleases() ``` ```Scala @reverseRouter.index(None) ``` ```Scala @reverseRouter.latest(None, ) ``` -------------------------------- ### JavaScript Code Copy Functionality Source: https://github.com/playframework/playframework.com/blob/main/app/views/clipboard.scala.html This JavaScript code snippet enhances code blocks by adding a copy-to-clipboard button. It utilizes the ClipboardJS library to handle the copying mechanism and provides visual feedback on success or failure. This is useful for improving the user experience when viewing code examples. ```javascript (function(){ var pre = document.getElementsByClassName('prettyprint'); for (var i = 0; i < pre.length; i++) { var button = document.createElement('button'); button.className = 'copy-button'; pre[i].appendChild(button); } // Run Clipboard var copyCode = new ClipboardJS('.copy-button', { target: function(trigger) { return trigger.previousElementSibling; } }); // On success: copyCode.on('success', function(event) { event.clearSelection(); event.trigger.textContent = ' Success'; window.setTimeout(function() { event.trigger.textContent = ''; }, 2000); }); // On error (Safari): // - Change the "Press Ctrl+C to copy" // - Swap it to "Copy" in 2s. copyCode.on('error', function(event) { event.trigger.textContent = 'Press "Ctrl + C" to copy'; window.setTimeout(function() { event.trigger.textContent = ''; }, 5000); }); })(); ``` -------------------------------- ### Download Play Framework Menu Module Source: https://github.com/playframework/playframework.com/blob/main/README.md Downloads the specified version of the Play Framework menu module. This command uses curl to fetch the zip file from the GitHub archive and saves it locally. ```bash curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/menu-1.2.zip -o menu-1.2.zip ``` -------------------------------- ### Download Play Framework Maven Module Source: https://github.com/playframework/playframework.com/blob/main/README.md Downloads the Maven module for Play Framework. The commands fetch zip archives for version 1.0 and the 'head' version from a GitHub raw URL using curl and save them locally. ```bash curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/maven-1.0.zip -o maven-1.0.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/maven-head.zip -o maven-head.zip ``` -------------------------------- ### Play Framework Community and Help Links Source: https://github.com/playframework/playframework.com/blob/main/app/views/commonSidebar.scala.html Links to community resources for Play Framework users, including discussion forums, Discord servers, and Stack Overflow. ```HTML <@hn>Find help * [Discuss Play Forum](https://github.com/playframework/playframework/discussions) * [Discord Server](https://discord.gg/g5s2vtZ4Fa) * [Stack Overflow](https://stackoverflow.com/questions/tagged/playframework) ``` -------------------------------- ### Play Framework Programs Link Source: https://github.com/playframework/playframework.com/blob/main/app/views/commonSidebar.scala.html Link to information about Play Framework programs, such as Outreachy. ```Scala @* <@hn>Programs * [Outreachy](@routes.Outreachy.outreachy) *@ ``` -------------------------------- ### Download Play Framework FBConnect Module Source: https://github.com/playframework/playframework.com/blob/main/README.md Downloads various versions of the Play Framework FBConnect module. These commands use curl to fetch the zip files from the GitHub archive and save them locally. ```bash curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/fbconnect-0.1.zip -o fbconnect-0.1.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/fbconnect-head.zip -o fbconnect-head.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/fbconnect-0.2.zip -o fbconnect-0.2.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/fbconnect-0.3.zip -o fbconnect-0.3.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/fbconnect-0.4.zip -o fbconnect-0.4.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/fbconnect-0.5.zip -o fbconnect-0.5.zip curl -X GET https://github.com/playframework/archive/raw/refs/heads/main/play1-modules/fbconnect-0.6.zip -o fbconnect-0.6.zip ```