plane

references/plane

Fork 0

mirror of https://github.com/makeplane/plane.git synced 2026-06-14 03:30:00 +00:00

Commit Graph

Author	SHA1	Message	Date
MINIT	ff21e53f5a	fix(nginx): correct real_ip_header typo X-Forward-For → X-Forwarded-For (#8935 ) X-Forward-For is not a real HTTP header — the standard is X-Forwarded-For. With the typo, Nginx never replaces $remote_addr with the actual client IP, so rate limiting and IP logging see the proxy IP instead of the real client. Affects all three nginx configs (web, admin, space).	2026-05-05 13:51:12 +05:30
Prateek Shourya	110dbd9acd	[VPAT-50] chore(security): add X-Frame-Options header to nginx configuration to prevent clickjacking attacks (#8507 ) * [VPAT-50] chore(security): add X-Frame-Options header to nginx configuration to prevent clickjacking attacks * [SECURITY] chore: enhance nginx configuration with additional security headers	2026-01-09 04:03:41 +05:30
Aaron	315e1d5eb0	[WEB-5040] feat: admin react-router migration (#7922 )	2025-11-06 13:39:35 +05:30

Author

SHA1

Message

Date

MINIT

ff21e53f5a

fix(nginx): correct real_ip_header typo X-Forward-For → X-Forwarded-For (#8935 )

X-Forward-For is not a real HTTP header — the standard is X-Forwarded-For.
With the typo, Nginx never replaces $remote_addr with the actual client IP,
so rate limiting and IP logging see the proxy IP instead of the real client.
Affects all three nginx configs (web, admin, space).

2026-05-05 13:51:12 +05:30

Prateek Shourya

110dbd9acd

[VPAT-50] chore(security): add X-Frame-Options header to nginx configuration to prevent clickjacking attacks (#8507 )

* [VPAT-50] chore(security): add X-Frame-Options header to nginx configuration to prevent clickjacking attacks

* [SECURITY] chore: enhance nginx configuration with additional security headers

2026-01-09 04:03:41 +05:30

Aaron

315e1d5eb0

[WEB-5040] feat: admin react-router migration (#7922 )

2025-11-06 13:39:35 +05:30

3 Commits