-
### Environment
* PostgreSQL version: 16.3
* PostgREST version: 12.0.2
* Operating system: Ubuntu 22.04 LTS
### Description of issue
I am trying to add a custom header (x-app-id) to postg…
-
**Describe the bug**
The PATCH method triggers a CORS error when attempting to update the profile. The preflight response does not include PATCH in the Access-Control-Allow-Methods header.
**To Re…
-
**Github username:** --
**Twitter username:** --
**Submission hash (on-chain):** 0x592728795b65d0d3b8a3f7871bbdbbda9a0c0c67113cb3d76afad0241f2d7756
**Severity:** medium
**Description:**
Missing inii…
-
• Description: Missing or misconfigured CSP headers and cross-domain configurations could allow unsafe content loading, unauthorized access from untrusted domains, and injection attacks.
• Location an…
-
Docker allows users to create their own authorization plugin. And 3c157713b31f542a4180e31da4cae7d677330a6f introduces TLS user information so that the plugins can know the name of the user who send a …
-
### Summary of issue:
What precisely are the rules that determine what has access to members with `private` or `protected` access modifiers?
Here are some questions that I don't think are addr…
-
### Summary
The current configuration of the load balancer URL presents a security risk as it is accessible without restrictions. To enhance security, we need to implement access controls to either b…
-
After adding removing access control to a dataset we end up with duplicate "observation"-buttons which appear to be due to links being added to the discovery metadata record whenever access-control is…
-
Follow up for #197. Currently, enabling monetization disables the API product entity access control provided by the `apigee_edge_apiproduct_rbac` module, showing users only API products for which a de…
-
**Is your feature request related to a problem? Please describe.**
My residential apartment complex has implemented an alarm.com based gate access control system. Right now this requires use of a loc…