]> BookStack Code Mirror - bookstack/commit
projects / bookstack / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9b4f1fb)
Middlware: Prevented caching of all app requests
authorDan Brown <redacted>
Mon, 23 Oct 2023 12:32:15 +0000 (13:32 +0100)
committerDan Brown <redacted>
Mon, 23 Oct 2023 12:32:15 +0000 (13:32 +0100)
commit7c4dc981cd049196971a663521da73aea2990490
treed49b60e2dedc2e3e1d85e1d8b99d8e9edb96d6e8tree | snapshot
parent9b4f1fb9813711ae90d6f8ccf310cca11e00958ecommit | diff
Middlware: Prevented caching of all app requests

Previously we'd prevent caching of authed responses for security
(prevent back cache or proxy caching) but caching could still be an
issue in non-auth scenarios due to CSRF (eg. returning to login screen after
session expiry).

For #4600
app/Http/Kernel.php diff | blob | history
app/Http/Middleware/PreventResponseCaching.php [moved from app/Http/Middleware/PreventAuthenticatedResponseCaching.php with 59% similarity] diff | blob | history
tests/SecurityHeaderTest.php diff | blob | history
The core source code for the BookStack project.
Morty Proxy This is a proxified and sanitized view of the page, visit original site.