nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
e7e634396e
gluon/package/gluon-web
History
Matthias Schiffer 1837b1e2b3 gluon-web: prohibit cross-origin POST 
As gluon-web uses standard multipart/form-data requests, browsers don't
enforce any cross-origin restrictions. To prevent malicious injection of
POST requests into the config mode, match the Origin header against the
Host header of the request.

(cherry picked from commit a83466be6e)
2022-02-03 17:08:07 +01:00
..
files/lib/gluon/web/view/error gluon-config-mode-core: move gluon-web base path to /lib/gluon/config-mode 2018-02-26 00:07:13 +01:00
i18n gluon-web: fix typos 2019-03-18 21:49:54 +01:00
luasrc/usr/lib/lua/gluon/web gluon-web: prohibit cross-origin POST 2022-02-03 17:08:07 +01:00
src gluon-web: import po2lmo tool from luci-base 2019-11-23 17:28:17 +01:00
Makefile gluon-web: import po2lmo tool from luci-base 2019-11-23 17:28:17 +01:00