Jermolene 867488a25b Add custom request header as CSRF mitigation ...

By default we require the header X-Requested-With to be set to TiddlyWiki. Can be overriden by setting csrfdisable to "yes"

See https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Protecting_REST_Services:_Use_of_Custom_Request_Headers

2018-06-27 19:10:36 +01:00

..

diff-match-patch

Incorporate “diff” engine to show visual differences (#3112)

2018-03-16 20:38:35 +00:00

dom

Add custom request header as CSRF mitigation

2018-06-27 19:10:36 +01:00

crypto.js

Fix support for upgrading encrypted wikis

2014-07-16 10:06:24 +01:00

csv.js

Add support for multiple basic authentication credentials in a CSV file

2018-06-22 21:29:56 +01:00

edition-info.js

Refactor edition-info handling

2015-01-11 15:00:54 +00:00

fakedom.js

Don't throw errors when hitting limits of the fakedom

2017-06-09 15:20:45 +01:00

filesystem.js

Avoid deprecated new Buffer() usage

2018-06-13 11:22:17 +01:00

logger.js

Syncer: allow logging to be disabled

2017-09-26 17:10:57 +01:00

parsetree.js

Add parse tree utility for collecting text

2015-08-01 13:14:32 +01:00

performance.js

Add user interface for enabling performance instrumentation

2015-10-14 10:59:55 +01:00

pluginmaker.js

Add localisable strings for error (#2447)

2016-05-17 21:58:47 +01:00

transliterate.js

Export transliteration pairs

2017-11-10 14:37:31 +00:00

utils.js

Avoid deprecated new Buffer() usage

2018-06-13 11:22:17 +01:00