James Cole
|
1912e46113
|
Remove strict CSP header for #4622
|
2021-04-09 06:05:27 +02:00 |
|
James Cole
|
f2073a4494
|
Fix various issues in forms.
|
2021-04-08 17:41:19 +02:00 |
|
James Cole
|
3e12d26afd
|
Disable almost all things.
|
2021-04-08 16:47:16 +02:00 |
|
James Cole
|
a709596ccb
|
Add headers.
|
2021-04-08 12:27:54 +02:00 |
|
James Cole
|
849c7dfe02
|
Strict headers and CSS nonce
|
2021-04-08 12:10:04 +02:00 |
|
James Cole
|
e580093a34
|
Weird headers.
|
2021-04-08 12:05:08 +02:00 |
|
James Cole
|
4fa7a5c1bc
|
Update headers
|
2021-04-08 11:58:21 +02:00 |
|
James Cole
|
d668007fee
|
Remove style thing
|
2021-04-08 11:55:10 +02:00 |
|
James Cole
|
6cbccf3be6
|
Small change in headers
|
2021-04-08 11:50:59 +02:00 |
|
James Cole
|
4ecda4d4e0
|
Add some special headers.
|
2021-04-07 20:47:40 +02:00 |
|
James Cole
|
b5eeacc128
|
Code cleanup.
|
2021-03-28 11:46:23 +02:00 |
|
James Cole
|
206845575c
|
Code cleanup
|
2021-03-21 09:15:40 +01:00 |
|
James Cole
|
15ae9203b6
|
Fix #3307
|
2020-04-29 06:37:02 +02:00 |
|
James Cole
|
24129ab69c
|
Code cleanup that (hopefully) matches style CI
|
2020-03-17 15:02:57 +01:00 |
|
James Cole
|
3771cc3b75
|
Update email address
|
2020-01-31 07:32:04 +01:00 |
|
James Cole
|
ff44dbaea0
|
Update analytics code.
|
2020-01-17 04:30:44 +01:00 |
|
James Cole
|
8c36a371be
|
Remove https.
|
2020-01-11 09:58:35 +01:00 |
|
James Cole
|
2416fd6773
|
Remove experimental simple nonce.
|
2020-01-11 06:24:53 +01:00 |
|
James Cole
|
77fa3af87e
|
Use a very simple nonce to see if Edge stops complaining.
|
2020-01-11 06:15:08 +01:00 |
|
James Cole
|
5da8b2ec9e
|
Some CSP tuning.
|
2020-01-11 06:14:10 +01:00 |
|
James Cole
|
c55bfc0b8c
|
Improve config of CSP headers.
|
2020-01-11 05:28:20 +01:00 |
|
James Cole
|
925f63c8e1
|
Experimental switch of parameters and different urls
|
2020-01-09 20:43:32 +01:00 |
|
James Cole
|
2efe5b07e2
|
#2981 whoops
|
2020-01-09 19:29:43 +01:00 |
|
James Cole
|
42de629646
|
Fix #2981
|
2020-01-09 19:28:23 +01:00 |
|
James Cole
|
7f002eb6a9
|
Be backwards compatible.
|
2020-01-09 17:04:10 +01:00 |
|
James Cole
|
8c6f8460a2
|
Be backwards compatible.
|
2020-01-09 17:03:59 +01:00 |
|
James Cole
|
d83d8d3f97
|
Code for #2920
|
2020-01-04 11:00:44 +01:00 |
|
James Cole
|
041357c2ff
|
First steps for #2920
|
2020-01-04 07:24:43 +01:00 |
|
James Cole
|
92158e52ef
|
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards.
|
2019-10-02 06:37:26 +02:00 |
|
James Cole
|
a42992efb0
|
Merge tag '4.7.17.3' into develop
4.7.17.3
# Conflicts:
# changelog.md
# config/firefly.php
|
2019-07-16 19:24:07 +02:00 |
|
James Cole
|
531161db09
|
Fixes #2338
|
2019-07-16 19:21:58 +02:00 |
|
James Cole
|
2210b8054d
|
Fix Google Ana;ytics.
|
2019-07-13 20:57:29 +02:00 |
|
James Cole
|
8676764513
|
Remove various sort routines.
|
2019-05-04 20:58:43 +02:00 |
|
James Cole
|
71fb9d8fa5
|
Code cleaning stuff.
|
2019-02-13 17:38:41 +01:00 |
|
James Cole
|
968505ac0e
|
Route can be null.
|
2019-01-27 18:24:11 +01:00 |
|
James Cole
|
20b458f35d
|
Ignore form action when doing oAuth2.
|
2019-01-27 17:15:40 +01:00 |
|
Luca Bognolo
|
59cfaa20ab
|
Fixed wrong CSP value
Signed-off-by: Luca Bognolo <git@bogny.eu>
|
2019-01-03 16:04:48 +01:00 |
|
Luca Bognolo
|
ab0471c78e
|
Fixed missing CSP directive and value
Signed-off-by: Luca Bognolo <git@bogny.eu>
|
2019-01-03 00:21:21 +01:00 |
|
James Cole
|
c54541b839
|
Learned that I should not refer to env vars directly so I removed all references.
|
2018-12-15 07:59:02 +01:00 |
|
James Cole
|
1b3b39d2ea
|
Add option to disable the X-Frame header
|
2018-11-24 07:24:32 +01:00 |
|
James Cole
|
8088c28235
|
Solve a problem with inline displaying of file attachments.
|
2018-10-07 18:41:02 +02:00 |
|
James Cole
|
e29e6c147c
|
Upgrade Firefly III to PHP 7.2 and Laravel 5.7
|
2018-09-19 16:50:16 +02:00 |
|
James Cole
|
d77112955d
|
Fix secure headers for new Google tag.
|
2018-09-10 20:23:43 +02:00 |
|
James Cole
|
b33f8b70d4
|
Improve code coverage.
|
2018-09-07 20:12:22 +02:00 |
|
HamuZ HamuZ
|
52f8b24041
|
2FA QR doesn't show up due to CSP error
Relevant stackoverflow fix:
https://stackoverflow.com/questions/18447970/content-security-policy-data-not-working-for-base64-images-in-chrome-28
|
2018-09-03 08:19:38 +03:00 |
|
James Cole
|
0d82589916
|
Make some charts currency aware for #740
|
2018-08-27 18:59:30 +02:00 |
|
James Cole
|
5de01628a6
|
Expand secure headers.
|
2018-08-25 10:49:52 +02:00 |
|
James Cole
|
2834aca597
|
Update header readability, add Google as an optional allowed source.
|
2018-08-25 10:36:27 +02:00 |
|
James Cole
|
dfdbace298
|
Add secure headers middleware.
|
2018-08-25 07:55:47 +02:00 |
|
James Cole
|
a9590d2bb6
|
Add secure headers middleware.
|
2018-08-25 07:55:32 +02:00 |
|