Manuel
Manuel
> it's uncommon to signup a user by email without validating his email, this feature can expose a breach or will be useless in common production app. That should not...
@Moumouls Just a ping so we can continue with this PR; there are some open questions.
@swittk are you still willing to work on this PR?
Thanks for this PR. Can you please reference the corresponding existing issue or create a new issue?
I added the issue link to your initial post and also did some reformatting.
> ## ⚠️ Important change for merging PRs from Parse Server 5.0 onwards! > > We are planning to release the first beta version of Parse Server 5.0 in October...
@fn-faisal Could you please resole the conflicts? Is this PR ready for review?
This seems to be merely a docs or types issue; the feature should already exist. Also see the [Access Scopes](https://github.com/parse-community/parse-server?tab=readme-ov-file#access-scopes). Please specify what exactly you're missing.
I think we need to differentiate for which responses this makes sense. Parse Server is primarily an API backend, not a web server. Sending the mentioned headers doesn't make sense...
Sure, it makes sense to add this to the PagesRouter with default values being the security headers you mentioned. I would suggest to add a "global" option for all pages:...