Skip to content
Commit ab26b65b authored by Joshua Kehn's avatar Joshua Kehn Committed by Tim Graham
Browse files

Fixed #25334 -- Provided a way to allow cross-origin unsafe requests over HTTPS. 

Added the CSRF_TRUSTED_ORIGINS setting which contains a list of other
domains that are included during the CSRF Referer header verification
for secure (HTTPS) requests.
parent 48c420d9
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment