Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
spring-security/web
History
borlafu 8a458eb9e1 Avoid multiple X-Frame-Options headers 
XFrameOptionsHeaderWriter should not *add*, but *set* the
X-Frame-Options header. According to
https://tools.ietf.org/html/rfc7034#section-2.1, having
multiple values for the header is disallowed:

"There are three different values for the header field.
These values are mutually exclusive; that is, the header
field MUST be set to exactly one of the three values."

With this change, only the latest XFrameOptionsHeaderWriter
will remain.
 		2017-03-08 15:49:18 -06:00
..
src Avoid multiple X-Frame-Options headers 2017-03-08 15:49:18 -06:00
pom.xml Update poms to new to SNAPSHOT version 2017-03-02 09:20:34 -06:00
web.gradle jacksonDatavindVersion->jacksonDatabindVersion 2016-11-09 16:46:38 -06:00