TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-26 12:21:36 +03:00
Code Issues Projects Releases Wiki Activity
99aeda5909
Ghost/ghost
History
Fabien O'Carroll 99aeda5909 Removed ssoOriginCheck from signout endpoint (#10277) 
no-issue

the ssoOriginCheck exists to ensure that we only allow signin/signup to
be called from the specified auth page, this is a very minor security
feature in that it forces signins to go via the page you've designated.
signout however does not need this protection as the call to signout
completely bypasses any UI (this is the same for the call to /token)
2019-05-07 17:35:17 +02:00
..
members-api Removed ssoOriginCheck from signout endpoint (#10277) 2019-05-07 17:35:17 +02:00
members-auth-pages Renamed index.js to app.js 2019-05-07 17:35:17 +02:00
members-browser-auth Published new versions 2019-04-23 16:47:39 +02:00
members-gateway-api Published new versions 2019-04-23 16:47:39 +02:00
members-gateway-protocol Published new versions 2019-04-23 16:47:39 +02:00
members-ssr Published new versions 2019-05-06 12:25:45 +02:00
members-theme-bindings Published new versions 2019-04-23 16:47:39 +02:00
.gitkeep Initial commit 2019-03-14 12:14:23 +05:30