btcpayserver

mirror of https://github.com/btcpayserver/btcpayserver.git synced 2025-01-19 05:33:31 +01:00

History

d11n 23761eacc1 Unset X-Frame-Options header correctly (#4721 ) * Unset X-Frame-Options header correctly According to the [spec](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) there are onlye the `DENY` and `SAMEORIGIN` options, `ALLOW-FROM` being deprecated. Hence we have to actively unset the header, as we made `DENY` the default. This also unsets the X-Frame-Options header for the public form pages, which fixes #4666. * Ignore anti forgery token in Forms --------- Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>		2023-03-01 15:27:18 +09:00
..
Models	POS improvements (#4668 )	2023-02-23 09:52:37 +01:00
FormComponentProviders.cs	POS improvements (#4668 )	2023-02-23 09:52:37 +01:00
FormDataExtensions.cs	Start using JSONB column instead of app side compressed data (#4574 )	2023-02-21 15:06:34 +09:00
FormDataService.cs	Apply branding to custom forms (#4697 )	2023-02-23 14:35:29 +01:00
HtmlFieldsetFormProvider.cs	Code formatting updates (#4502 )	2023-01-06 22:18:07 +09:00
HtmlInputFormProvider.cs	Code formatting updates (#4502 )	2023-01-06 22:18:07 +09:00
IFormComponentProvider.cs	Propagate the ModelState errors on dynamic forms	2022-11-25 18:32:40 +09:00
ModifyForm.cs	Generic Forms (#4561 )	2023-02-20 19:35:54 +09:00
UIFormsController.cs	Unset X-Frame-Options header correctly (#4721 )	2023-03-01 15:27:18 +09:00