BookStack/app
Dan Brown 92922288dd
Added iframe CSP, improved session cookie security
Added iframe CSP headers with configuration via .env.
Updated session cookies to be lax by default, dynamically changing to
none when iframes configured to allow third-party control.
Updated cookie security to be auto-secure if a https APP_URL is set.

Related to #2427 and #2207.
2021-01-02 02:43:50 +00:00
..
Actions Started change for entities to have concept of owners 2020-12-30 18:25:35 +00:00
Api Moved models to folder, renamed managers to tools 2020-11-21 23:20:54 +00:00
Auth Fixed short editor in firefox and optimised some queries 2021-01-02 01:22:41 +00:00
Config Added iframe CSP, improved session cookie security 2021-01-02 02:43:50 +00:00
Console Updated wording of image cleanup option 2020-12-18 22:59:47 +00:00
Entities Added manual type conversion to fix failing tests 2021-01-01 18:38:54 +00:00
Exceptions Prevented entity "Not Found" events from being logged 2020-05-23 11:28:59 +01:00
Facades Refactored some core entity actions 2019-09-20 00:18:28 +01:00
Http Added iframe CSP, improved session cookie security 2021-01-02 02:43:50 +00:00
Interfaces Started widening of activity logging 2020-11-18 23:40:39 +00:00
Notifications Add feature to send test e-mails 2019-10-16 08:24:33 +02:00
Providers Fixed some mis-refactoring and split search service 2020-11-22 00:17:45 +00:00
Settings Removed setting override system due to confusing behaviour 2019-12-22 13:19:17 +00:00
Traits Started change for entities to have concept of owners 2020-12-30 18:25:35 +00:00
Translation Made it possible to override translations via theme system 2019-10-26 18:07:14 +01:00
Uploads Started change for entities to have concept of owners 2020-12-30 18:25:35 +00:00
Application.php Ran phpcbf and updated helpers typehinting 2019-09-15 18:29:51 +01:00
helpers.php Started change for entities to have concept of owners 2020-12-30 18:25:35 +00:00
Model.php Set /app PHP code to PSR-2 standard 2018-01-28 16:58:52 +00:00