open-nomad

luxolus/open-nomad

Fork 0

Commit graph

Author	SHA1	Message	Date
Yoan Blanc	7b873b7746	vendor: rs/cors v1.7.0 The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems. CVE-2018-20744 Signed-off-by: Yoan Blanc <yoan@dosimple.ch>	2020-08-23 10:36:38 +02:00
Michael Schurter	c9a73ac76e	Support CORS for client endpoints Added to /v1/client/stats and /v1/client/allocation/	2017-10-18 17:32:36 -07:00

Author

SHA1

Message

Date

Yoan Blanc

7b873b7746

vendor: rs/cors v1.7.0

The Olivier Poitrey Go CORS handler through 1.3.0 actively converts
a wildcard CORS policy into reflecting an arbitrary Origin header
value, which is incompatible with the CORS security design, and
could lead to CORS misconfiguration security problems.

CVE-2018-20744

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>

2020-08-23 10:36:38 +02:00

Michael Schurter

c9a73ac76e

Support CORS for client endpoints

Added to /v1/client/stats and /v1/client/allocation/

2017-10-18 17:32:36 -07:00

2 commits