Commits · 7.x-1.x · project / seckit

Feb 03, 2023
- Issue #3068681 by mcdruid, callinmullaney, dunx, ron_s: Text fields not big enough · 2647535b
  Drew Webber authored Feb 03, 2023
  
  2 tags
  
  2647535b
- Issue #2990047 : by mcdruid: remove debug from test · 6485e05d
  Drew Webber authored Feb 03, 2023
  
  6485e05d
- Issue #3107303 by rpayanm, cboyden, ron_s, byronveale, jweowu, mcdruid,... · 6fa3e51e
  byronveale authored Feb 03, 2023 and Drew Webber committed Feb 03, 2023
```
Issue #3107303 by rpayanm, cboyden, ron_s, byronveale, jweowu, mcdruid, bkosborne, dsnopek, Rajeshreeputra: Skip report-uri processing if value is empty
```
  6fa3e51e
Feb 08, 2022
- Issue #2516394 : Document hook_seckit_options_alter() vs hook_boot() · b742ad89
  jweowu authored Feb 06, 2022
  
  b742ad89
- Issue #2894089 by jweowu, tmaiochi, sneha_chandole, victoria-marina,... · 6c8e6eb2
  jweowu authored Feb 06, 2022
```
Issue #2894089 by jweowu, tmaiochi, sneha_chandole, victoria-marina, JayKandari: Fix coding standards
```
  6c8e6eb2
Feb 05, 2022
- Document the previous change · b808a09b
  jweowu authored Feb 05, 2022
  
  b808a09b
Feb 04, 2022
- Issue #3052779 by TomTech, jweowu: Allow other modules to alter the CSP Directives · 059465ec
  jweowu authored Feb 04, 2022
  
  059465ec
Jun 11, 2019
- Issue #2990047 by bonus, adammalone, mcdruid, hey_germano, nironan: Add... · 933fda2e
  Drew Webber authored Jun 11, 2019 and Drew Webber committed Jun 11, 2019
```
Issue #2990047 by bonus, adammalone, mcdruid, hey_germano, nironan: Add support for feature-policy header
```
  2 tags
  
  933fda2e
- Issue #2845472 by mcdruid, humansky, nhoag: Use the "Upgrade Insecure... · 4cf0dd77
  Drew Webber authored Jun 11, 2019 and Drew Webber committed Jun 11, 2019
```
Issue #2845472 by mcdruid, humansky, nhoag: Use the "Upgrade Insecure Requests" CSP directive to protect your visitors from insecure content
```
  4cf0dd77
Jun 10, 2019
- Issue #3058313 by mcdruid: Fix seckit-7.x tests so they pass on DrupalCI · debf9ad6
  Drew Webber authored Jun 10, 2019
  
  debf9ad6
Mar 12, 2019
- Issue #2892480 by bonus, mcdruid, bighappyface: Do not send vendor prefixed CSP headers · e63673de
  Drew Webber authored Mar 12, 2019 and Drew Webber committed Mar 12, 2019
  
  e63673de
- Issue #3033290 by mcdruid, jweowu: Remove recommendations to use private files to send headers · 03d90ec1
  Drew Webber authored Mar 12, 2019 and Drew Webber committed Mar 12, 2019
  
  03d90ec1
Feb 20, 2019
- Issue #2406023 by Liam Morland: move cli check to hook_init to bail early for cli requests · 8f05eb30
  Liam Morland authored Feb 20, 2019 and Drew Webber committed Feb 20, 2019
  
  8f05eb30
Sep 24, 2018
- Issue #2959208 by mcdruid, jweowu: Rework seckit_update_7107 variable cleanup · f5d56672
  Drew Webber authored Sep 24, 2018
  
  2 tags
  
  f5d56672
Sep 21, 2018
- Issue #3000696 by keithdoyle9, mcdruid: X-FRAME-OPTIONS header syntax should be all caps (D7) · 45f3a366
  Drew Webber authored Sep 21, 2018 and Drew Webber committed Sep 21, 2018
  
  45f3a366
- Issue #2959208 by mcdruid: Remove X-Content-Type-Options as core now emits that header · 72a808ef
  Drew Webber authored Sep 21, 2018 and Drew Webber committed Sep 21, 2018
  
  72a808ef
Aug 24, 2018
- Issue #2656292 by progga, mcdruid, svenryen: Absolute URL for report-uri · 25e04b4f
  Muhammad Adnan authored Aug 24, 2018 and Drew Webber committed Aug 24, 2018
  
  25e04b4f
- Issue #2613426 by mcdruid, milodesc, jweowu: Trim whitelisted CSRF origins... · 05103463
  Patrick Jensen authored Aug 24, 2018 and Drew Webber committed Aug 24, 2018
```
Issue #2613426 by mcdruid, milodesc, jweowu: Trim whitelisted CSRF origins before checking against origin
```
  05103463
- Issue #2675922 by jweowu, mcdruid: tweak to de-uglify a variable name · ea89784f
  Drew Webber authored Aug 24, 2018
  
  ea89784f
Aug 16, 2018
- Issue #2925376 by wrd, mcdruid, lamp5, adammalone: Add support for Referrer-Policy header · 43ba573f
  Adam Malone authored Aug 16, 2018 and Drew Webber committed Aug 16, 2018
  
  43ba573f
- Issue #2675922 by joekers, mkhamash, benjaminbradley, ronaldmulero:... · 9e43795b
  Benjamin Bradley authored Aug 16, 2018 and Drew Webber committed Aug 16, 2018
```
Issue #2675922 by joekers, mkhamash, benjaminbradley, ronaldmulero: frame-ancestors in Content Security Policy
```
  9e43795b
- Issue #2962380 by jochemh, mcdruid, nironan: Add support for the Expect-CT header (D7 backport) · 24c47b9d
  Andrea Nironi authored Aug 16, 2018 and Drew Webber committed Aug 16, 2018
  
  24c47b9d
Apr 06, 2018
- Issue #2845923 by AndyF, bonus, mcdruid: Origin header is incorrectly verified... · 19843dc4
  Drew Webber authored Apr 06, 2018
```
Issue #2845923 by AndyF, bonus, mcdruid: Origin header is incorrectly verified for sites in subdirectories.
```
  19843dc4
Sep 08, 2016
- Don't process violation reports if the CSP feature is disabled · 1331c952
  jweowu authored Sep 08, 2016
  
  1331c952
Sep 04, 2016
- Don't read more than max_len bytes of a CSP report when enforcing limits · 316bb9b5
  jweowu authored Sep 04, 2016
  
  316bb9b5
- Issue #2779169 by billdacat10, jweowu: Allow-From headers are incorrect · 6aaf021b
  jweowu authored Sep 04, 2016
  
  6aaf021b
May 30, 2016
- Issue #2661644 by David_Rothstein: Integrate with upcoming Drupal core clickjacking defense · bca6c0d8
  David Rothstein authored May 30, 2016 and jweowu committed May 30, 2016
  
  bca6c0d8
Mar 21, 2016
- Provide limits and flood control for CSP violation reports · d4c68450
  jweowu authored Mar 03, 2016
  
  d4c68450
Mar 20, 2016
- Issue #2689277 by milodesc, jweowu: Add ability to configure the child-src CSP directive · 4bd089e2
  Patrick Jensen authored Mar 21, 2016 and jweowu committed Mar 21, 2016
  
  4bd089e2
- Issue #2687955 by milodesc, lanetterm: Field for Cross Site Forgery origin whitelist is too small · 989bdf97
  Patrick Jensen authored Mar 21, 2016 and jweowu committed Mar 21, 2016
  
  989bdf97
Feb 29, 2016
- Issue #2668376 by milodesc, jweowu: Differentiate X-XSS-Protection header... · ad0c7029
  Patrick Jensen authored Feb 29, 2016 and jweowu committed Feb 29, 2016
```
Issue #2668376 by milodesc, jweowu: Differentiate X-XSS-Protection header values "1" and "1; mode=block"
```
  ad0c7029
Feb 27, 2016
- Issue #2676706 by akashjain132: Missing string translations · 26cf67db
  Akash Jain authored Feb 27, 2016 and jweowu committed Feb 27, 2016
  
  26cf67db
Feb 23, 2016
- Issue #2281315 by stefan.r, jweowu, vinmassaro: Option to disable... · 379f243d
  Stefan Ruijsenaars authored Feb 23, 2016 and jweowu committed Feb 23, 2016
```
Issue #2281315 by stefan.r, jweowu, vinmassaro: Option to disable autocompletion on user login/registration forms
```
  379f243d
- Issue #2480527 by jweowu, khaldoon_masud: Migrate to a better CSP report URL · 77d07842
  jweowu authored Feb 23, 2016 and jweowu committed Feb 23, 2016
  
  77d07842
- Issue #2626230 by rooby: Invalid origin watchdog log doesn't happen if access denied callback exits · 39009ea3
  Reuben Turk authored Feb 23, 2016 and jweowu committed Feb 23, 2016
  
  39009ea3
- Issue #2657346 by leymannx, milodesc: Remove h1 heading from noscript message · 0fe48b55
  Patrick Jensen authored Feb 23, 2016 and jweowu committed Feb 23, 2016
  
  0fe48b55
- Issue #2668642 by milodesc, jweowu: Link to sirdarckcat on admin screen is broken · c9ae1d54
  Patrick Jensen authored Feb 23, 2016 and jweowu committed Feb 23, 2016
  
  c9ae1d54
- Issue #2658954 by Novitsh, milodesc: Typo issue in description · 51d6b554
  Kevin Thiels authored Feb 23, 2016 and jweowu committed Feb 23, 2016
  
  51d6b554
Oct 11, 2015
- Issue #2305275 by dbcollies: SimpleTest tests fail for CSP and JS-CSS tests · e0792e69
  Dwayne Bailey authored Oct 11, 2015 and jweowu committed Oct 11, 2015
  
  e0792e69
- Issue #2406075 : Document why multi-value Origins are ignored · 09b1cebc
  jweowu authored Oct 11, 2015
  
  09b1cebc