fix(security): add c2sgmbh.de to CSRF production domains

Add missing production domain for cms.c2sgmbh.de to the CSRF
origin validation whitelist.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Martin Porwoll 2026-01-14 17:01:45 +00:00
parent 31d44af0bd
commit 40f66eda35


@ -142,7 +142,7 @@ export function validateOrigin(origin: string | null): { valid: boolean; reason?
}
// Subdomain-Matching für Produktions-Domains
const productionDomains = ['pl.porwoll.tech', 'porwoll.de', 'complexcaresolutions.de', 'gunshin.de']
const productionDomains = ['pl.porwoll.tech', 'c2sgmbh.de', 'porwoll.de', 'complexcaresolutions.de', 'gunshin.de']
for (const domain of productionDomains) {
if (origin.endsWith(domain) && origin.startsWith('https://')) {