This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/struts-site.git
The following commit(s) were added to refs/heads/asf-staging by this push:
new c4c240e8b Updates stage by Jenkins
c4c240e8b is described below
commit c4c240e8b8728476bd693276e85ef162ee7b2c38
Author: jenkins <[email protected]>
AuthorDate: Fri Jul 14 06:07:02 2023 +0000
Updates stage by Jenkins
---
content/security/index.html | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/content/security/index.html b/content/security/index.html
index 70fc2fe3f..c9df55726 100644
--- a/content/security/index.html
+++ b/content/security/index.html
@@ -433,6 +433,10 @@ more in the Strict Method Invocation section of <a
href="../core-developers/acti
<h3 id="resource-isolation-using-fetch-metadata">Resource Isolation Using
Fetch Metadata</h3>
+<blockquote>
+ <p>Note: since Struts 6.0.0</p>
+</blockquote>
+
<p>Fetch Metadata is a mitigation against common cross origin attacks such as
Cross-Site Request Forgery (CSRF). It is
a web platform security feature designed to help servers defend themselves
against cross-origin attacks based
on the preferred resource isolation policy. The browser provides information
about the context of an HTTP request
@@ -450,7 +454,7 @@ can be exempted from applying the policy. Read more about
Fetch Metadata and res
<h3 id="cross-origin-isolation-with-coop-and-coep">Cross Origin Isolation with
COOP and COEP</h3>
<blockquote>
- <p>Note: since Struts 2.6.</p>
+ <p>Note: since Struts 6.0.0</p>
</blockquote>
<p><a
href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy";>Cross-Origin
Opener Policy</a> is
