File

AUTHORS @ 12444:b33558969b3e 0.12

mod_http (and dependent modules): Make CORS opt-in by default (fixes #1731) The same-origin policy enforced by browsers is a security measure that should only be turned off when it is safe to do so. It is safe to do so in Prosody's default modules, but people may load third-party modules that are unsafe. Therefore we have flipped the default, so that modules must explicitly opt in to having CORS headers added on their requests.
author Matthew Wild <mwild1@gmail.com>
date Mon, 28 Mar 2022 14:53:24 +0100
parent 5403:d7ecf6cd584e
line wrap: on
line source


The Prosody project is open to contributions (see HACKERS file), but is
maintained daily by:

  - Matthew Wild (mail: matthew [at] prosody.im)
  - Waqas Hussain (mail: waqas [at] prosody.im)
  - Kim Alvefur (mail: zash [at] prosody.im)

You can reach us collectively by email: developers [at] prosody.im
or in realtime in the Prosody chatroom: prosody@conference.prosody.im