Skip to content

Allow only secure origins in CORS config #393

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rsora merged 6 commits into from
Aug 28, 2019
Merged

Allow only secure origins in CORS config #393

rsora merged 6 commits into from
Aug 28, 2019

Conversation

@gvarisco
Copy link
Contributor

@gvarisco gvarisco commented Jun 3, 2019

Remove insecure origins from cors.Config definition

TODO:

  • Align HSTS config on HTTPS endpoints

matteosuppo and others added 6 commits April 3, 2019 12:41
@gvarisco gvarisco changed the title Secure origin Allow only secure origins in CORS config Jun 3, 2019
@gvarisco gvarisco requested review from matteosuppo and rsora June 3, 2019 09:36
@gvarisco gvarisco requested a review from mastrolinux August 13, 2019 12:23
@gvarisco
Copy link
Contributor Author

gvarisco commented Aug 28, 2019

@rsora are we good to merge this?

@rsora rsora merged commit 79c5559 into devel Aug 28, 2019
@umbynos umbynos deleted the secure-origin branch November 9, 2020 17:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mastrolinux mastrolinux Awaiting requested review from mastrolinux

2 more reviewers

@matteosuppo matteosuppo matteosuppo approved these changes

@rsora rsora rsora approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@rsora rsora

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@gvarisco @matteosuppo @rsora