lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

More complete security

Browse Source
This commit is contained in:
Laurent Destailleur 2020-09-17 09:24:11 +02:00
parent a074c4cb62
commit 241ce8c3b7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SECURITY.md
View File

@ -69,7 +69,7 @@ ONLY vulnerabilities discovered, when the following setup on tested platform is
* The module DebugBar must NOT be enabled (by default, this module is not enabled. This is a developer tool)
* The module ModuleBuilder must NOT be enabled (by default, this module is not enabled. This is a developer tool)
* The constant MAIN_SECURITY_CSRF_WITH_TOKEN must be set to 1 into backoffice menu Home - Setup - Other (this protection should be enabled soon by default)
* ONLY security reports on "stable" modules are allowed (troubles into "experimental" and "developement" modules are not accepted).
* ONLY security reports on modules provided by default and with the "stable" status are allowed (troubles into "experimental", "developement" or external modules are not accepted).
Scope is the web application (back office) and the APIs.