Dan Brown 92922288dd Added iframe CSP, improved session cookie security ... Added iframe CSP headers with configuration via .env. Updated session cookies to be lax by default, dynamically changing to none when iframes configured to allow third-party control. Updated cookie security to be auto-secure if a https APP_URL is set. Related to #2427 and #2207.		2021-01-02 02:43:50 +00:00
..
ApiAuthenticate.php	Updated API auth to allow public user if given permission	2020-05-22 22:34:18 +01:00
Authenticate.php	Updated flow to ensure /register/confirm route is used where needed	2020-09-05 17:26:48 +01:00
CheckForMaintenanceMode.php	Ran phpcbf and updated helpers typehinting	2019-09-15 18:29:51 +01:00
CheckGuard.php	Simplified guard names and rolled out guard route checks	2020-02-02 13:10:21 +00:00
ChecksForEmailConfirmation.php	Added API listing filtering & cleaned ApiAuthenticate returns	2020-01-01 16:33:47 +00:00
ControlIframeSecurity.php	Added iframe CSP, improved session cookie security	2021-01-02 02:43:50 +00:00
EncryptCookies.php	Updated to laravel 5.5	2017-11-19 15:56:19 +00:00
GlobalViewData.php	Entity Repo & Controller Refactor (#1690)	2019-10-05 12:55:01 +01:00
Localization.php	Updated locale lists for Bulgarian	2020-09-19 15:36:17 +01:00
PermissionMiddleware.php	Simplified guard names and rolled out guard route checks	2020-02-02 13:10:21 +00:00
RedirectIfAuthenticated.php	Added user setting system and added user-lang option	2017-01-15 16:27:24 +00:00
StartSessionIfCookieExists.php	Change email confirmation from own middle to trait	2019-12-30 15:49:20 +00:00
ThrottleApiRequests.php	Added configurable API throttling, Handled API errors standardly	2020-01-18 15:03:28 +00:00
TrimStrings.php	Updated to laravel 5.5	2017-11-19 15:56:19 +00:00
TrustProxies.php	Fix "Declaration of Middleware\TrustProxies::handle should be compatible with Fideloper\Proxy\TrustProxies::handle"	2019-11-20 14:00:20 +03:00
VerifyCsrfToken.php	Started using OneLogin SAML lib directly	2019-11-17 13:26:43 +00:00