Development #8937: Improve decorators.json - Authentic 2 - Entr'ouvert Projects — Projets d'Entr'ouvert

Development #8937

Improve decorators.json

Added by Benjamin Dauvergne about 4 years ago. Updated about 2 years ago.

Status:

Fermé

Priority:

Normal

Assignee:

Benjamin Dauvergne

Category:

Target version:

2.2.0

Start date:

10 Nov 2015

Due date:

% Done:

100%

Patch proposed:

Yes

Planning:

Description

We do not differentiate JSONP from AJAX when checking for Origin, but we should as rules governing this two modes are different:

with AJAX/CORS it's garanteed by the browser that an Origin header will be present if not, it's a direct call and should not be blocked
with JSONP it can happen that the user is behind proxy removing Referer in this case we should block the call

0001-improve-AJAX-JSONP-support-in-decorators.json.patch View (2.97 KB) Benjamin Dauvergne, 10 Nov 2015 10:27 AM

Associated revisions

Revision a6bd4f50 (diff)
Added by Benjamin Dauvergne about 4 years ago

improve AJAX/JSONP support in decorators.json (fixes #8937)

History

#1 Updated by Benjamin Dauvergne about 4 years ago

Patch proposed changed from No to Yes
File 0001-improve-AJAX-JSONP-support-in-decorators.json.patch View added

#2 Updated by Benjamin Dauvergne about 4 years ago

Tests coming soon.

#3 Updated by Benjamin Dauvergne about 4 years ago

Status changed from Nouveau to Résolu (à déployer)
% Done changed from 0 to 100

Appliqué par commit authentic2|a6bd4f50589bdccb14a3e636fd542f660c88341d.

#4 Updated by Benjamin Dauvergne almost 4 years ago

Status changed from Résolu (à déployer) to Solution déployée

#5 Updated by Benjamin Dauvergne about 2 years ago

Status changed from Solution déployée to Fermé

Also available in: Atom PDF

Project

General

Profile

Produits Entr'ouvert » Authentic 2

Issues

Custom queries