41ac69adb1
- Prevents authenticated responses being visible when back button pressed in browser. - Previously, 'no-cache, private' was added by default by Symfony which would have prevents proxy cache issues but this adds no-store and a max-age option to also invalidate all caching. Thanks to @haxatron via huntr.dev Ref: https://huntr.dev/bounties/6cda9df9-4987-4e1c-b48f-855b6901ef53/ |
||
---|---|---|
.. | ||
ApiAuthenticate.php | ||
ApplyCspRules.php | ||
Authenticate.php | ||
AuthenticatedOrPendingMfa.php | ||
CheckEmailConfirmed.php | ||
CheckForMaintenanceMode.php | ||
CheckGuard.php | ||
CheckUserHasPermission.php | ||
EncryptCookies.php | ||
Localization.php | ||
PreventAuthenticatedResponseCaching.php | ||
RedirectIfAuthenticated.php | ||
RunThemeActions.php | ||
StartSessionIfCookieExists.php | ||
ThrottleApiRequests.php | ||
TrimStrings.php | ||
TrustProxies.php | ||
VerifyCsrfToken.php |