Allow Cross Server Redirects in https staging #114

oldpatricka opened this Issue Aug 16, 2012 · 2 comments


None yet

1 participant

Nimbus member

This is disabled right here:

I don't see any reason we shouldn't allow this. Does anyone have any objections?

Nimbus member

As discussed on Campfire, the solution to this will be:

  • Print a warning when a cross-server redirect is followed
  • Add an option to disable cross server redirects
  • Add a warning in the whitelist section of global-policy.conf that redirects can be followed.
@oldpatricka oldpatricka was assigned Aug 17, 2012
Nimbus member

This issue is fixed in c611a8f (and 2652487, sigh)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment