TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-21 09:52:06 +03:00
Code Issues Projects Releases Wiki Activity
244704156c
Ghost/core/server/web/site
History
Fabien 'egg' O'Carroll 244704156c
Updated all Origin header checks to handle 'null' (#12246) 
closes #12244

As per RFC 6454 the Origin header MUST be set to the string 'null' when
in a "privacy-sensitive" context. We were not handling this string and
this was causing errors. This commit updates all checks of the 'Origin'
header to treat the value 'null' as if the header was not present.

ref: https://tools.ietf.org/html/rfc6454#section-7.3
2020-10-01 09:37:22 +01:00
..
middleware Replaced constants file with @tryghost/constants 2020-08-11 12:51:16 +01:00
app.js Updated all Origin header checks to handle 'null' (#12246) 2020-10-01 09:37:22 +01:00
index.js Moved apps into web folder (#9308) 2017-12-06 17:37:54 +01:00
routes.js Extracted frontend folder (#10780) 2019-06-19 11:30:28 +02:00