diff options
author | Ed Tanous <ed@tanous.net> | 2024-04-22 22:41:06 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2024-04-23 18:04:43 +0300 |
commit | 788fe74859b1fa491053d1fcd8bb32f42e7898b6 (patch) | |
tree | a0f4db776dc71a461ab1adcdee8723e27c451e61 /meson_options.txt | |
parent | c056aa7aa2438d16b1a3f1db20e6aac2694ca455 (diff) | |
download | bmcweb-788fe74859b1fa491053d1fcd8bb32f42e7898b6.tar.xz |
Remove XSS prevention code
This feature was created for a time before webpack had a built in proxy,
and to debug the UI required setting specific flags. The webpack proxy
solves this problem in a much better way, by proxying everything.
This commit is one piece in the solving a use after free bug. Removing
this allows us to no longer have to cache the origin header [1], which
is only used in this mode.
Tested: Code compiles.
[1] https://gerrit.openbmc.org/c/openbmc/bmcweb/+/70850
Change-Id: I01d67006e217c0c9fd2db7526c0ec34b0da068f3
Signed-off-by: Ed Tanous <ed@tanous.net>
Diffstat (limited to 'meson_options.txt')
-rw-r--r-- | meson_options.txt | 7 |
1 files changed, 0 insertions, 7 deletions
diff --git a/meson_options.txt b/meson_options.txt index 39a410bc08..d10d1b3dde 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -316,13 +316,6 @@ option( ) option( - 'insecure-disable-xss', - type: 'feature', - value: 'disabled', - description: 'Disable XSS preventions' -) - -option( 'insecure-tftp-update', type: 'feature', value: 'disabled', |