mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-08-30 06:02:25 +00:00
92922288dd
Added iframe CSP headers with configuration via .env. Updated session cookies to be lax by default, dynamically changing to none when iframes configured to allow third-party control. Updated cookie security to be auto-secure if a https APP_URL is set. Related to #2427 and #2207. |
||
---|---|---|
.. | ||
ApiAuthenticate.php | ||
Authenticate.php | ||
CheckForMaintenanceMode.php | ||
CheckGuard.php | ||
ChecksForEmailConfirmation.php | ||
ControlIframeSecurity.php | ||
EncryptCookies.php | ||
GlobalViewData.php | ||
Localization.php | ||
PermissionMiddleware.php | ||
RedirectIfAuthenticated.php | ||
StartSessionIfCookieExists.php | ||
ThrottleApiRequests.php | ||
TrimStrings.php | ||
TrustProxies.php | ||
VerifyCsrfToken.php |