tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #9229 from silverstripe/pulls/secure-coding-docs

Browse Source 
Update secure coding standards
This commit is contained in:
Robbie Averill 2019-09-09 18:34:36 -07:00 committed by GitHub
commit b6fb6a6461
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
View File

@ -697,9 +697,7 @@ following in your .htaccess to ensure this behaviour is activated.
</IfModule> </IfModule>
``` ```
In a future release this behaviour will be changed to be on by default, and this environment As of SilverStripe 4, this behaviour is on by default, and the environment variable is no longer required. For correct operation, it is necessary to always set `SS_TRUSTED_PROXY_IPS` if using a proxy.
variable will be no longer necessary, thus it will be necessary to always set
`SS_TRUSTED_PROXY_IPS` if using a proxy.
## Secure Sessions, Cookies and TLS (HTTPS) ## Secure Sessions, Cookies and TLS (HTTPS)