8000 Mark 3.7.2 by ColdHeat · Pull Request #2559 · CTFd/CTFd · GitHub

Mark 3.7.2 #2559

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merged

ColdHeat merged 1 commit into master from mark-3.7.2

Jun 18, 2024

Member

ColdHeat commented

3.7.2 / 2024-06-18

Security

Patches an issue where on certain browsers flags could be leaked with admin interaction on a malicious page

API

Disable returning 404s in listing pages with pagination
- Instead of returning 404 these pages will now return 200
- For API endpoints, the response will be a 200 with an empty listing instead of a 404

Deployment

CTFd will now add the Cross-Origin-Opener-Policy response header to all responses with the default value of same-origin-allow-popups
Add CROSS_ORIGIN_OPENER_POLICY setting to control the Cross-Origin-Opener-Policy header


          Mark 3.7.2

e3c4e0e

ColdHeat marked this pull request as ready for review

June 18, 2024 15:52

ColdHeat merged commit 12fb563 into master

6 checks passed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

0