ORIENT

History

Samuel Georges e3b42b2f10 Make cms.backendForceSecure an explicit setting This no longer hinges on app.debug because it creates confusion for devops engineers. This is based on three independent reports coming from app environments that use a reverse proxy. The engineer will follow the proper security instructions by disabling debug mode, which in turn creates an infinite redirect loop when opening the back-end area, only to leave them scratching their heads Ultimately it is the web server configuration's job to handle the enforcement of HTTPS, the app no longer enforces it as a strong opinion, but we still keep the setting available as a convenient security check for standard environments that do not use a reverse proxy		2020-01-18 18:05:26 +11:00
..
dev	Migrate bootstrap process	2015-02-04 19:31:41 +11:00
testing	Disable CSRF in unit tests	2019-10-07 14:13:02 +08:00
app.php	Code quality clean up (#4449 )	2019-07-18 08:50:37 -06:00
broadcasting.php	Code dusting (#2826 )	2017-04-24 21:38:19 +10:00
cache.php	Disable in-memory cache repository when running in CLI by default (#4323 )	2019-05-07 12:34:46 -06:00
cms.php	Make cms.backendForceSecure an explicit setting	2020-01-18 18:05:26 +11:00
cookie.php	Add cookie configuration file (#3644 )	2018-07-19 22:38:45 -04:00
database.php	Shorten default string length	2019-12-29 11:43:27 +11:00
develop.php	Allow decompiled Backend JS assets (#4549 )	2019-08-16 16:19:16 +08:00
environment.php	Change default environment to development (#3288 )	2017-12-08 10:37:15 -06:00
filesystems.php	Fix use of Storage::url() for local disks that haven't been configured correctly. Fixes #4581	2019-09-02 12:33:36 -06:00
mail.php	Change default mail driver to smtp	2017-11-23 11:51:56 +11:00
queue.php	Code dusting (#2826 )	2017-04-24 21:38:19 +10:00
services.php	Added Mailgun endpoint to services config (#4667 )	2019-10-06 19:27:10 -06:00
session.php	Documented session.http_only (#4743 )	2019-12-14 11:14:23 -06:00
view.php	Typo	2018-03-27 13:23:03 -06:00