Details
-
Task
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.3.2
-
None
Description
The redback referrer header check that was added can occasionally cause problems, and is only a preventative measure for other CSRF vulnerabilities.
It should be disabled by default, but the configuration for enabling it documented.