fix: Open Redirect Vulnerability Mitigation - CWE 601 (#1963)

* Open redirect vulnerabilty mitigation * Refacted Open Redirect to user configurable and corrected incorrect security variable names. Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
2020-05-29 18:24:20 -04:00
parent 4b93e04261
commit 20e6bc1a70
5 changed files with 27 additions and 3 deletions
--- a/server/app/data.yml
+++ b/server/app/data.yml
@@ -54,6 +54,7 @@ defaults:
      iconset: 'md'
      darkMode: false
    security:
+      securityOpenRedirect: true
      securityIframe: true
      securityReferrerPolicy: true
      securityTrustProxy: true