upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-17 09:51:38 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 10
nextcloud/lib/private/AppFramework/Middleware/Security
History
Joas Schilling 381c35080d
fix(middleware): Fix header injection for bruteforce middleware 
Calling setHeaders(getHeaders()) breaks the CSP nonce for unknown reasons
So shifting back to old standard practise for now

Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-08-22 16:00:39 +02:00
..
Exceptions fix(security)!: Use consistent HTTP status for strict cookie checks 2023-04-17 16:06:37 +00:00
BruteForceMiddleware.php fix(middleware): Fix header injection for bruteforce middleware 2023-08-22 16:00:39 +02:00
CORSMiddleware.php feat(security): Add PHP \Attribute for remaining security annotations 2023-04-25 14:50:32 +02:00
CSPMiddleware.php composer run cs:fix 2023-01-20 11:45:08 +01:00
FeaturePolicyMiddleware.php composer run cs:fix 2023-01-20 11:45:08 +01:00
PasswordConfirmationMiddleware.php feat(security): Add PHP \Attribute for remaining security annotations 2023-04-25 14:50:32 +02:00
RateLimitingMiddleware.php feat(ratelimit): Add Attributes support to rate limit middleware 2023-04-24 12:24:48 +02:00
ReloadExecutionMiddleware.php feat(security): Add PHP \Attribute for remaining security annotations 2023-04-25 14:50:32 +02:00
SameSiteCookieMiddleware.php composer run cs:fix 2023-01-20 11:45:08 +01:00
SecurityMiddleware.php Rewrite OCS CSRF check to be readable 2023-08-16 15:52:36 +02:00