source.dussan.org Git - nextcloud-server.git/commit

]> source.dussan.org Git - nextcloud-server.git/commit

projects / nextcloud-server.git / commit

author	Joas Schilling <coding@schilljs.com>
	Tue, 22 Aug 2023 14:00:39 +0000 (16:00 +0200)
committer	Joas Schilling <coding@schilljs.com>
	Tue, 22 Aug 2023 14:00:39 +0000 (16:00 +0200)
commit	381c35080db623f41a32d77db91bad48b2bf659a
tree	87d19a4f0aa7db814693d9719194554e9fcdc5c3	tree \| snapshot
parent	e42d82fe13d49bf5bfc3b42c8c686292f81af1cc	commit \| diff

fix(middleware): Fix header injection for bruteforce middleware

Calling setHeaders(getHeaders()) breaks the CSP nonce for unknown reasons
So shifting back to old standard practise for now

Signed-off-by: Joas Schilling <coding@schilljs.com>

lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php

diff | blob | history

Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server

RSS Atom