joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,115 Commits 2 Branches 18 Tags
97de70a01782b99ebba99211ecb2cfd1979fa010
Commit Graph

4 Commits

Author SHA1 Message Date
dblythy
ed499e32a2 feat: Remove deprecation DEPPS3: Config option enforcePrivateUsers defaults to true (#8283) 
BREAKING CHANGE: The Parse Server option `enforcePrivateUsers` is set to `true` by default; in previous releases this option defaults to `false`; this change improves the default security configuration of Parse Server (#8283)
 2022-11-16 22:59:44 +01:00
Manuel
37fed3062c fix: session object properties can be updated by foreign user; this fixes a security vulnerability in which a foreign user can write to the session object of another user if the session object ID is known; the fix prevents writing to foreign session objects ([GHSA-6w4q-23cf-j9jp](https://github.com/parse-community/parse-server/security/advisories/GHSA-6w4q-23cf-j9jp)) [skip release] (#8180) 2022-09-20 02:23:49 +02:00
Florent Vilmart
d83a0b6808 Use Prettier JS (#5017) 
* Adds prettier

* Run lint before tests
 2018-09-01 13:58:06 -04:00
Benjamin Wilson Friedman
219ad7224a Fixes sessionTokens being overridden in 'find' (#4332) 
* remove session token replacement code

* adds cases for _User/_Session with sessionToken and with/without masterKey
 2017-11-25 15:28:08 -05:00