gristlabs_grist-core/app/server
Alex Hall e590e65a3f (core) Allow requests from untrusted origins but without credentials
Summary:
Allow requests from untrusted origins instead of returning an error, but don't allow credentials (Cookie header) or API keys (Authorization header).

Allow setting the header `Content-type: application/json` as an alternative to `X-Requested-With: XMLHttpRequest` to make it easier for clients to make POST/PUT/PATCH/DELETE requests without authentication.

Discussion: https://grist.slack.com/archives/C0234CPPXPA/p1666355281535479

Test Plan: Added and updated DocApi tests. Tested manually how this affects requests made from a browser.

Reviewers: paulfitz, dsagal

Reviewed By: paulfitz, dsagal

Differential Revision: https://phab.getgrist.com/D3678
2022-11-03 13:33:23 +02:00
declarations (core) disentangle some server tests, release to core, add GRIST_PROXY_AUTH_HEADER test 2022-03-24 15:11:32 -04:00
lib (core) Allow requests from untrusted origins but without credentials 2022-11-03 13:33:23 +02:00
utils (core) add a yarn run cli tool, and add a sqlite gristify option 2022-07-14 12:00:30 -04:00
companion.ts (core) show package.json version when hovering on Grist icon in grist-core 2022-10-12 16:02:01 -04:00
declarations.d.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
devServerMain.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
generateCheckpoint.ts (core) get all tests working under python3/gvisor 2021-10-18 17:44:15 -04:00
generateInitialDocSql.ts (core) get all tests working under python3/gvisor 2021-10-18 17:44:15 -04:00
localization.ts Split client and server translations, organize by filename 2022-10-13 12:04:29 +02:00
mergedServerMain.ts (core) dust off electron build a little bit 2022-07-29 11:19:26 -04:00
tsconfig.json (core) Simple localization support and currency selector. 2021-08-26 13:36:49 -07:00