btcpayserver/BTCPayServer/Filters
d11n 23761eacc1
Unset X-Frame-Options header correctly (#4721)
* Unset X-Frame-Options header correctly

According to the [spec](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) there are only the `DENY` and `SAMEORIGIN` options, `ALLOW-FROM` being deprecated. Hence we have to actively unset the header, as we made `DENY` the default.

This also unsets the X-Frame-Options header for the public form pages, which fixes #4666.

* Ignore anti forgery token in Forms

---------

Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
2023-03-01 15:27:18 +09:00
..
CheatModeRouteAttribute.cs Run dotnet format (#3244) 2021-12-31 16:59:02 +09:00
ContentSecurityPolicyAttribute.cs Code analysis (#4293) 2022-11-20 17:42:36 +09:00
DomainMappingConstraintAttribute.cs POS improvements (#4668) 2023-02-23 09:52:37 +01:00
ExperimentalRouteAttribute.cs Allow resolution of any settings via DI 2022-05-24 14:10:19 +09:00
JsonHttpExceptionFilter.cs Greenfield: Improve error message, do not use internal lightning node on store's lightning API 2021-12-16 14:27:34 +09:00
JsonObjectExceptionFilter.cs [Greenfield] if some json property are invalid, throw nice error instead of an exception (fix #2795) 2022-01-10 22:11:04 +09:00
OnlyIfSupportAttribute.cs Split Options in BTCPayOptions (#2175) 2021-01-02 13:44:28 +01:00
OnlyMediaTypeAttribute.cs Removing unused usings, readonly fields where possible 2020-06-28 22:07:48 -05:00
ReferrerPolicyAttribute.cs Removing unused usings, readonly fields where possible 2020-06-28 22:07:48 -05:00
XContentTypeOptionsAttribute.cs Removing unused usings, readonly fields where possible 2020-06-28 22:07:48 -05:00
XFrameOptionsAttribute.cs Unset X-Frame-Options header correctly (#4721) 2023-03-01 15:27:18 +09:00
XXSSProtectionAttribute.cs Removing unused usings, readonly fields where possible 2020-06-28 22:07:48 -05:00