All notable changes to this project will be documented in this file. See standard-version for commit guidelines.
4.5.0 (2021-03-30)
- app-factory: ensure session is handlable externaly (e7106e6)
- config: ensure sameSite exists and value is lax in default (aeff791)
- config: ensure sameSite exists in production (3ee1504)
- config: ensure secure exists in production (e3d41c3)
- config: ensure secure is true in production (5747cba)
- config: ensure secure value is false in default (9709ab9)
- session.js session.test.js: make separate file for session config (5092baf), closes #242
- config.test.js: update cookie config keys title (72646a5), closes #242
- session: ensure cookies settings are correct (7c24b83)
- package.json & package-lock.json to reduce vulnerabilities (218b7ce)
4.4.0 (2021-02-22)
- app: add csrf middleware (ef71ec4), closes #140
- app: generate random secret for session middleware (c6202ad), closes #144
- app-factory.js: add missing parenthesis to randomSecret() (2ff8a29)
- app-factory.js: fix location undefine and req.flash function problem (6d10f9b), closes #170 #173
- app-factory.js: remove undeeded csurf middleware (2b2152f), closes #169
- husky: add missing .huskyrc.json (990ce91)
- logging.js: add propper code for assigning empty string to msg (9846f23)
- routes.js: remove metadata input name on outgoing request (1738306), closes #137
- routes.js: remove provider name from error message to avoid cross script (577daaa), closes #137
- routes.js: remove received input from error output msg (4c7f204), closes #137
- uma.js: fixed form data send problem (478b452), closes #205
4.3.8 (2020-12-10)
- app-factory.js: fix location undefine and req.flash function problem (6d10f9b), closes #170 #173
- app-factory.js: remove undeeded csurf middleware (2b2152f), closes #169
4.3.7 (2020-11-25)
- app: add csrf middleware (ef71ec4), closes #140
- app: generate random secret for session middleware (c6202ad), closes #144
- app-factory.js: add missing parenthesis to randomSecret() (2ff8a29)
- husky: add missing .huskyrc.json (990ce91)
- logging.js: add propper code for assigning empty string to msg (9846f23)
- routes.js: remove metadata input name on outgoing request (1738306), closes #137
- routes.js: remove provider name from error message to avoid cross script (577daaa), closes #137
- routes.js: remove received input from error output msg (4c7f204), closes #137