Carsten Brandt
5727699445
Aadded OWASP references to security guide ( #13667 ) [skip ci]
...
Currently security guide is very thrifty with information on what a topic is about. So for beginners it is not clear why something like CSRF or XSS protection is even needed.
I added a few reference links to allow reading about more background behind the topics.
8 years ago
Robert Korulczyk
35998449eb
Add `yii\filters\HostControl::$fallbackHostInfo` ( #13117 )
8 years ago
Klimov Paul
7da77c3d5a
created `HostControl` filter to prevent Host header attacks
...
fixes #13050
close #13063
8 years ago
Carsten Brandt
a498dedb5c
Added documentation about Host header attack ( #13073 )
...
* Added documentation about Host header attack
Added info about Host header attack (#13050 ) to the guide and the Request class.
When we introduce a filter or property to protect against this, these
sections should be updated to link to that option.
8 years ago
Alexey Rogachev
f4e54a1b5a
Fixed typo in get parameter in docs [skip ci] ( #13066 )
8 years ago
SilverFire - Dmitry Naumenko
685f16e8ef
📖 Updated guide pages - wrap true, false, null
8 years ago
Dmitriy Makarov
383de6f051
📖 Fix typo [skip ci]
8 years ago
Alexander Makarov
63cac32fbc
Cleaned up security guide
9 years ago
Alexander Makarov
9a842d25e5
Better docs wording as suggested in 752d537998
9 years ago
Alexander Makarov
752d537998
Fixes #11367 : mentioned securing connection with TLS in security best practices
9 years ago
Dmitry Naumenko
9f1a0aed3d
Text style fixes
10 years ago
Dmitry Naumenko
65048c87ed
Updated guide/security-best-practices
...
A little bit more information about the CSRF
10 years ago
Nobuo Kihara
82036a9841
docs/guide/security-best-practices.md - small fix [ci skip]
10 years ago
Alexander Makarov
c8e56d178b
Added intro to CSRF to security-best-practices
10 years ago
alejandrochen
f8971c7644
Update security-best-practices.md
...
proerly -> properly
10 years ago
Nobuo Kihara
5549149433
docs/guide/security-best-practices.md - minor fix [ci skip]
10 years ago
Alexander Makarov
37ec930feb
Added note on how to deal with filtering column names
10 years ago
Alexander Makarov
874c6331d2
A plan on security guide CSRF section
10 years ago
pana1990
0f0d9020b3
fix mistake small [skip ci]
10 years ago
Alexander Makarov
996856c04c
Security best practices guide
10 years ago
Carsten Brandt
d68d8628fa
created stub documentation files for TDB sections
...
to avoid issues about 404 links in the guide
10 years ago