Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-27 22:49:56 -05:00
Code Issues Activity
ghost/core/server/web
History
Thibaut Patel 2bcc934eb4 Disable CSRF on the oauth callback route 
no issue

Keeping CSRF enabled there would prevent oauth from working as users are redirected from the provider domain to the /callback route, where they are logged-in
2021-05-18 20:44:21 +02:00
..
admin 🔒 Removed unused and insecure preview endpoint 2021-04-29 12:10:39 +01:00
api Moved i18n to shared 2021-05-04 13:03:38 +01:00
members Enabled Members for all sites (#12582) 2021-02-02 16:12:53 +00:00
oauth Disable CSRF on the oauth callback route 2021-05-18 20:44:21 +02:00
parent Expanded requires of lib/common i18n and events 2021-05-03 17:14:52 +01:00
shared Moved i18n to shared 2021-05-04 13:03:38 +01:00
site Moved i18n to shared 2021-05-04 13:03:38 +01:00
index.js
well-known.js