source.dussan.org Git - nextcloud-server.git/commit

]> source.dussan.org Git - nextcloud-server.git/commit

projects / nextcloud-server.git / commit

author	Joas Schilling <coding@schilljs.com>
	Tue, 22 Aug 2023 14:00:39 +0000 (16:00 +0200)
committer	Joas Schilling <coding@schilljs.com>
	Wed, 23 Aug 2023 04:44:09 +0000 (06:44 +0200)
commit	26832ec5da999068ef838f570c7a3ba912c47cdf
tree	7454c0162b11ae7be1c79c5a1d15c0ccbb6996c7	tree \| snapshot
parent	866a8a236861a5d1dff26458da04637099877e5e	commit \| diff

fix(middleware): Fix header injection for bruteforce middleware

Calling setHeaders(getHeaders()) breaks the CSP nonce for unknown reasons
So shifting back to old standard practise for now

Signed-off-by: Joas Schilling <coding@schilljs.com>

lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php

diff | blob | history

Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server

RSS Atom