bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-14 13:02:58 +02:00

Files

Peter Müller eb6d71514a prevent loading resources from external sites

Make Apache transmit a CSP (Content Security Policy) header
for WebUI and Captive Portal contents.

This prevents some XSS and content injection attacks, especially
in case no transport encryption (Captive Portal!) can be used.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

2017-12-16 12:18:39 +00:00

conf.d

Typo in compilation commands of postfix.

2007-11-01 14:18:27 +00:00

vhosts.d

prevent loading resources from external sites

2017-12-16 12:18:39 +00:00

default-server.conf

Nagios addon install.sh with vhost Port 1007 added

2009-03-14 14:00:46 +01:00

global.conf

Fix potential HTTPoxy vulnerability