Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
Code Issues Activity
ghost/core
History
Fabien 'egg' O'Carroll 244704156c
Updated all Origin header checks to handle 'null' (#12246) 
closes #12244

As per RFC 6454 the Origin header MUST be set to the string 'null' when
in a "privacy-sensitive" context. We were not handling this string and
this was causing errors. This commit updates all checks of the 'Origin'
header to treat the value 'null' as if the header was not present.

ref: https://tools.ietf.org/html/rfc6454#section-7.3
2020-10-01 09:37:22 +01:00
..
client@9a82624cde Updated Ghost-Admin to v3.35.0 2020-09-30 11:00:14 +01:00
frontend Renamed membersjs script name to portal 2020-09-24 12:08:51 +05:30
server Updated all Origin header checks to handle 'null' (#12246) 2020-10-01 09:37:22 +01:00
shared Added support for Stripe promo codes in config (#12149) 2020-09-21 13:15:41 +01:00
index.js Refactored server announce functions to be clearer 2020-08-09 17:25:15 +01:00