Software / code / prosody
Annotate
HACKERS @ 12444:b33558969b3e 0.12
mod_http (and dependent modules): Make CORS opt-in by default (fixes #1731)
The same-origin policy enforced by browsers is a security measure that should
only be turned off when it is safe to do so. It is safe to do so in Prosody's
default modules, but people may load third-party modules that are unsafe.
Therefore we have flipped the default, so that modules must explicitly opt in
to having CORS headers added on their requests.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 28 Mar 2022 14:53:24 +0100 |
| parent | 9858:54147de1d1b1 |
| rev | line source |
|---|---|
| 13 | 1 Welcome hackers! |
| 2 | |
| 1082 | 3 This project accepts and *encourages* contributions. If you would like to get |
| 4 involved you can join us on our mailing list and discussion rooms. More | |
|
7359
a5a080c12c96
Update every link to the documentation to use HTTPS
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
2664
diff
changeset
|
5 information on these at https://prosody.im/discuss |
| 13 | 6 |
| 1082 | 7 Patches are welcome, though before sending we would appreciate if you read |
|
9858
54147de1d1b1
doc/coding_style.{txt,md}: Update coding style guide
Matthew Wild <mwild1@gmail.com>
parents:
7359
diff
changeset
|
8 docs/coding_style.md for guidelines on how to format your code, and other tips. |
| 2664 | 9 |
|
7359
a5a080c12c96
Update every link to the documentation to use HTTPS
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
2664
diff
changeset
|
10 Documentation for developers can be found at https://prosody.im/doc/developers |
| 2664 | 11 |
| 12 Have fun :) |
