Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-03 23:00:14 -05:00
Code Issues Activity
ghost/core/test/unit/web
History
Kevin Ansfield f88adb9180
Added x-frame-options header to /ghost/ route (#10760) 
no issue
- by default the `/ghost/` route will add an `x-frame-options: sameorigin` header to the response to help protect the admin area against clickjacking
- the header can be disabled by adding `"adminFrameProtection": false` to the `config.{env}.json` configuration file

Credits: Muhammad Fawwad Obaida
2019-05-28 09:04:48 +01:00
..
admin Added x-frame-options header to /ghost/ route (#10760) 2019-05-28 09:04:48 +01:00
api/v2/content Added brute protection to content api (#10362) 2019-01-14 14:11:48 +01:00
middleware Bumped sinon from 4.4.6 to 7.3.2 (#10400) 2019-01-21 17:53:44 +01:00
shared/middleware Added tests for content api brute force protection (#10344) 2019-01-07 21:25:19 +07:00
parent-app_spec.js Removed lib/members in favour of packages (#10739) 2019-05-08 14:08:25 +02:00
utils_spec.js Refactored web/middleware and web/utils to web/shared (#9892) 2018-09-20 20:04:34 +02:00