mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-04 19:29:49 -06:00
Code Issues Packages Projects Releases Wiki Activity

Automated changelog update [skip ci]

Browse Source
This commit is contained in:
Florian Schade
2024-03-25 09:16:43 +00:00
parent 6840de574a
commit c5b194c8bd
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
CHANGELOG.md
View File

@@ -68,6 +68,7 @@ The following sections list the changes for unreleased.
* Enhancement - Bump keycloak: [#8687](https://github.com/owncloud/ocis/pull/8687)
* Enhancement - Bump Reva: [#8701](https://github.com/owncloud/ocis/pull/8701)
* Enhancement - Initiator-IDs: [#8701](https://github.com/owncloud/ocis/pull/8701)
* Enhancement - Make IDP cookies same site strict: [#8716](https://github.com/owncloud/ocis/pull/8716)
## Details
@@ -317,6 +318,21 @@ The following sections list the changes for unreleased.
https://github.com/owncloud/ocis/pull/8701
* Enhancement - Make IDP cookies same site strict: [#8716](https://github.com/owncloud/ocis/pull/8716)
To enhance the security of our application and prevent Cross-Site Request
Forgery (CSRF) attacks, we have updated the SameSite attribute of the build in
Identity Provider (IDP) cookies to Strict.
This change restricts the browser from sending these cookies with any cross-site
requests, thereby limiting the exposure of the user's session to potential
threats.
This update does not impact the existing functionality of the application but
provides an additional layer of security where needed.
https://github.com/owncloud/ocis/pull/8716
# Changelog for [5.0.0] (2024-03-18)
The following sections list the changes for 5.0.0.