tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-25 22:19:33 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #9229 from silverstripe/pulls/secure-coding-docs

Browse Source 
Update secure coding standards
This commit is contained in:
Robbie Averill 2019-09-09 18:34:36 -07:00 committed by GitHub
commit b6fb6a6461
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
View File

@ -697,9 +697,7 @@ following in your .htaccess to ensure this behaviour is activated.
</IfModule>
```
In a future release this behaviour will be changed to be on by default, and this environment
variable will be no longer necessary, thus it will be necessary to always set
`SS_TRUSTED_PROXY_IPS` if using a proxy.
As of SilverStripe 4, this behaviour is on by default, and the environment variable is no longer required. For correct operation, it is necessary to always set `SS_TRUSTED_PROXY_IPS` if using a proxy.
## Secure Sessions, Cookies and TLS (HTTPS)