mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-27 22:49:56 -05:00
ghost/core/server/services/auth
Fabien 'egg' O'Carroll 244704156c
Updated all Origin header checks to handle 'null' (#12246)
closes #12244

As per RFC 6454 the Origin header MUST be set to the string 'null' when
in a "privacy-sensitive" context. We were not handling this string and
this was causing errors. This commit updates all checks of the 'Origin'
header to treat the value 'null' as if the header was not present.

ref: https://tools.ietf.org/html/rfc6454#section-7.3
2020-10-01 09:37:22 +01:00
api-key Refactor common pattern in service files 2020-04-30 20:48:42 +01:00
members Fixed express-jwt config 2020-07-08 15:09:44 +02:00
session Updated all Origin header checks to handle 'null' (#12246) 2020-10-01 09:37:22 +01:00
authenticate.js
authorize.js Refactor common pattern in service files 2020-04-30 20:48:42 +01:00
index.js
passwordreset.js Improved error messaging for password reset process 2020-09-22 15:45:19 +12:00
setup.js Moved core/server/lib/common/logging to core/shared/logging (#11857) 2020-05-28 19:30:23 +01:00