BookStack

github-mirror/BookStack

Fork 0

mirror of https://github.com/BookStackApp/BookStack.git synced 2025-06-12 14:53:32 +08:00

Commit Graph

Author	SHA1	Message	Date
Dan Brown	934a833818	Apply fixes from StyleCI	2021-06-26 15:23:15 +00:00
Dan Brown	92922288dd	Added iframe CSP, improved session cookie security Added iframe CSP headers with configuration via .env. Updated session cookies to be lax by default, dynamically changing to none when iframes configured to allow third-party control. Updated cookie security to be auto-secure if a https APP_URL is set. Related to #2427 and #2207.	2021-01-02 02:43:50 +00:00

Author

SHA1

Message

Date

Dan Brown

934a833818

Apply fixes from StyleCI

2021-06-26 15:23:15 +00:00

Dan Brown

92922288dd

Added iframe CSP, improved session cookie security

Added iframe CSP headers with configuration via .env.
Updated session cookies to be lax by default, dynamically changing to
none when iframes configured to allow third-party control.
Updated cookie security to be auto-secure if a https APP_URL is set.

Related to #2427 and #2207.

2021-01-02 02:43:50 +00:00

2 Commits