DMehaffy
DMehaffy
(I'll push it into our development server https://api.canonn.tech:2083)
So here is the example structure based on the model I created: ```json [ { "id": 1, "title": "Dashboard", "endpoint": "/", "enabled": true, "tabs": [ { "id": 1, "title": "Test...
> Sorry for not having any useful solutions to add but I'm wondering if this issue can be fixed by strapi at all? Usually, uploads are pipes / streamed to...
Our CTO Alex was working on this before he left for paternity leave, once he gets back the dev work should pick back up.
Reopening this as it's still broke
> @derrickmehaffy what is the status of this? It's still present in the latest version.. Still broken as of now I believe and I don't think we can fix this...
> the vulnerability was discoved recently [CVE-2023-49803](https://github.com/advisories/GHSA-qxrj-hx23-xp82)([GHSA-qxrj-hx23-xp82](https://github.com/advisories/GHSA-qxrj-hx23-xp82)) the fix in [koa/cors/v/5.0.0](https://www.npmjs.com/package/@koa/cors/v/5.0.0) which has been published yesterday That vuln doesn't apply to us as we intentionally set the origin by default...
> @derrickmehaffy ah true, default cors middleware has "*" value. > But anyways it is overly permissive origin policy (similar issue as in the vulnerability I mentioned). > > Is...
> I currently have issues with this on 4.24.0, allowed origin header stays empty no matter what I change in the cors middleware config. 4.23.1 is unaffected though. origin is...
Hello, In order to keep our GitHub issues clean and only related to bug reports I've moved your enhancement / feature requested over to our feedback database. You can find...