Closed thespad closed 8 months ago
I am a bot, here are the test results for this PR: https://ci-tests.linuxserver.io/lspipepr/healthchecks/v3.1-pkg-b62f1681-dev-d7555e94bb19f6cbd95015b818ed13394c85536d-pr-115/index.html https://ci-tests.linuxserver.io/lspipepr/healthchecks/v3.1-pkg-b62f1681-dev-d7555e94bb19f6cbd95015b818ed13394c85536d-pr-115/shellcheck-result.xml | Tag | Passed |
---|---|---|
amd64-v3.1-pkg-b62f1681-dev-d7555e94bb19f6cbd95015b818ed13394c85536d-pr-115 | ✅ | |
arm64v8-v3.1-pkg-b62f1681-dev-d7555e94bb19f6cbd95015b818ed13394c85536d-pr-115 | ❌ |
Description:
Closes #112 and #114
Logic for CSRF setting was wrong and causing inconsistent behaviour. We now default to the value of $SITE_ROOT if nothing is provided, otherwise set to the literal value of the CSRF_TRUSTED_ORIGINS env.
Benefits of this PR and context:
How Has This Been Tested?
Source / References: