composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,032 Commits 151 Branches 134 Tags
support/2.7
Commit Graph

20 Commits

Author SHA1 Message Date
Pierre Goiffon
a4f6f6e877 N°4368 Fix CORB blocking regression (#598) 
Don't send X-Content-Type-Options HTTP header for certain WebPage impl to workaround CORB blocking
To disable globally this new behavior introduced in 9865bf07, set the `security.enable_header_xcontent_type_options` config parameter to false

Thanks @Molkobain for the review !
 2024-01-05 10:41:18 +01:00
Pierre Goiffon
9865bf0779 N°4368 add sending X-Content-Type-Options HTTP header 
Replace in consumers the \WebPage::add_xframe_options call by \WebPage::add_http_headers
 2023-12-19 18:25:26 +01:00
Pierre Goiffon
ecebe4ecd5 N°3416 XFrame and cache headers optimizations 
* Remove XFrame header set in \WebPage::no_cache : not this method responsability, was confusing :/
* Remove no_cache() calls when already set in page constructor (ajax_page mainly)
* Also calls everywhere the \WebPage::no_cache method instead of setting headers manually
 2020-12-02 17:19:05 +01:00
Pierre Goiffon
8bfcb14d0c N°3416 XFrame-Options header is now set using a config parameter, defaults to SAMEORIGIN 
Also adds an indirection (\WebPage::add_xframe_options) to set header
 2020-12-02 17:17:11 +01:00
Pierre Goiffon
a765eb8725 Merge remote-tracking branch 'origin/support/2.6' into support/2.7 
# Conflicts:
#	application/ajaxwebpage.class.inc.php
#	application/csvpage.class.inc.php
 2020-10-05 16:12:49 +02:00
Pierre Goiffon
1551694198 N°3317 Security hardening 2020-10-05 14:42:03 +02:00
Eric
bef1832ac7 N°3317 - Add http headers 2020-09-29 14:07:24 +02:00
Eric
1453558f3e N°3317 - Add http headers 2020-09-22 11:39:19 +02:00
Pierre Goiffon
4afed39b0e N°2529 Fix charset sent by logout page 2019-10-09 18:07:08 +02:00
Pierre Goiffon
40a4e6d7b0 Fix files using CrLf, convert them to Lf to have the whole repo using Lf 
Warn your git config (core.autocrlf = input or true)
 2018-09-04 17:59:51 +02:00
Romain Quetiez
baf54a7c02 #942 OQL now supporting unions. Unions support polymorphism and can be used anywhere in the application. 
SVN:trunk[3631]
 2015-07-08 17:10:40 +00:00
Romain Quetiez
cd7490472e #970 and #650 Corrupted attachements. Reworked the cleanup of undesired output, to protect it against the case when the output buffer is unfortunately closed. On the other hand, I found out that several output buffer can be stacked. Thus the protection could be further improved (difficulty: that can be web server dependent). 
SVN:trunk[3376]
 2014-10-23 15:48:49 +00:00
Romain Quetiez
2cc89ad167 #690 XML export broken 
SVN:trunk[2651]
 2013-03-20 17:26:40 +00:00
Romain Quetiez
941d056db4 Improved the query logging + replay mechanism 
SVN:trunk[2484]
 2012-11-30 13:27:07 +00:00
Romain Quetiez
721faa7e1e Updated copyright (2012) and license (LGPL changed to AGPL) 
SVN:trunk[2333]
 2012-10-23 21:41:36 +00:00
Romain Quetiez
d8bb6a45b2 REVIEWED THE FILE INCLUSION POLICY 
- includes are relative to the application root folder, aka APPROOT
- changed the config file, while preserving the compatibility with older installs

SVN:trunk[962]
 2010-11-22 17:53:52 +00:00
Denis Flaven
f4b29d152b Special passthrough mode for big XML pages output. 
SVN:trunk[918]
 2010-10-22 16:46:53 +00:00
Romain Quetiez
a0e0371812 #19 - Reviewed the licensing information and started to align the comments in the code 
SVN:trunk[422]
 2010-05-24 09:24:35 +00:00
Denis Flaven
0a413a32f6 Renaming of the WebPage class (and its derived classes) to stick to the same naming convention as other classes. 
SVN:trunk[250]
 2010-01-17 09:07:10 +00:00
Denis Flaven
b756db0992 Moved under "trunk" to be able to track releases under "tags" 
SVN:trunk[55]
 2009-04-28 09:03:12 +00:00