[moqui/moqui-framework] c37329: In MoquiServlet change approach for validating Ori...
1 view
Skip to first unread message
David E. Jones
Aug 9, 2021, 3:59:10 PM8/9/21
to mo...@googlegroups.com
Branch: refs/heads/master
Home: https://github.com/moqui/moqui-framework
Commit: c3732952a22dbd77af66b5998873aff3a64a1db6
https://github.com/moqui/moqui-framework/commit/c3732952a22dbd77af66b5998873aff3a64a1db6
Author: David E Jones <d...@dejc.com>
Date: 2021-08-09 (Mon, 09 Aug 2021)
Changed paths:
M framework/src/main/groovy/org/moqui/impl/webapp/MoquiServlet.groovy
Log Message:
-----------
In MoquiServlet change approach for validating Origin header using webapp_allow_origins setting, compare by dot-separate segment instead of ends-with as a fallback that could be bypassed using a custom domain name with a prefix on an allowed one
Home: https://github.com/moqui/moqui-framework
Commit: c3732952a22dbd77af66b5998873aff3a64a1db6
https://github.com/moqui/moqui-framework/commit/c3732952a22dbd77af66b5998873aff3a64a1db6
Author: David E Jones <d...@dejc.com>
Date: 2021-08-09 (Mon, 09 Aug 2021)
Changed paths:
M framework/src/main/groovy/org/moqui/impl/webapp/MoquiServlet.groovy
Log Message:
-----------
In MoquiServlet change approach for validating Origin header using webapp_allow_origins setting, compare by dot-separate segment instead of ends-with as a fallback that could be bypassed using a custom domain name with a prefix on an allowed one
Reply all
Reply to author
Forward
0 new messages