Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-06 21:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
spring-security/web
History
borlafu 8a458eb9e1 Avoid multiple X-Frame-Options headers 
XFrameOptionsHeaderWriter should not *add*, but *set* the
X-Frame-Options header. According to
https://tools.ietf.org/html/rfc7034#section-2.1, having
multiple values for the header is disallowed:

"There are three different values for the header field.
These values are mutually exclusive; that is, the header
field MUST be set to exactly one of the three values."

With this change, only the latest XFrameOptionsHeaderWriter
will remain.
2017-03-08 15:49:18 -06:00
..
src
Avoid multiple X-Frame-Options headers
2017-03-08 15:49:18 -06:00
pom.xml
Update poms to new to SNAPSHOT version
2017-03-02 09:20:34 -06:00
web.gradle
jacksonDatavindVersion->jacksonDatabindVersion
2016-11-09 16:46:38 -06:00