forks/baikal
1
0
Fork 0
Code Releases Activity
baikal/Core/Frameworks
History
Frederic Hemberger 1896af0a45 Improve application security 
- Make session cookies only available via HTTP (prevent access from JavaScript)
- only log PHP errors instead of displaying them in production.
  Displaying errors may give attackers hints how to exploit the application

Set HTTP headers:

X-Frame-Options: DENY
Prevent Clickjacking attacks, see: http://en.wikipedia.org/wiki/Clickjacking

X-Content-Type-Options: nosniff
Prevent code injection via mime type sniffing

Former-commit-id: 4ca925874c
2014-01-21 16:14:47 +01:00
..
Baikal Improve application security 2014-01-21 16:14:47 +01:00
BaikalAdmin Improve application security 2014-01-21 16:14:47 +01:00
Flake Improve application security 2014-01-21 16:14:47 +01:00
Formal Updated Baïkal Website URL 2013-07-07 16:28:34 +02:00
TwitterBootstrap Submodules are reattached. 2012-08-20 23:13:04 +02:00