@robocoder opened this Issue on May 21st 2011 Contributor

In some environments, a fixup is applied to HTTP_HOST such that it doesn't match the host in SCRIPT_URI. Example:

This causes isLocalUrl() and ultimately, the Nonce verification on the Referer to fail.

@robocoder commented on May 21st 2011 Contributor

(In [4750]) fixes #2444

@robocoder commented on May 22nd 2011 Contributor

(In [4754]) refs #2444 - relax isLocalReferer() test so that it's comparable to the Origin: test

@robocoder commented on May 22nd 2011 Contributor

(In [4756]) refs #2444

@robocoder commented on May 22nd 2011 Contributor

(In [4757]) refs #2444

@robocoder commented on May 22nd 2011 Contributor

(In [4758]) refs #2444

@robocoder commented on May 22nd 2011 Contributor

(In [4760]) refs #2444 - re-enable unit test

This Issue was closed on May 22nd 2011
Powered by GitHub Issue Mirror