1
0
mirror of https://github.com/bitwarden/browser synced 2024-12-24 17:11:55 +01:00

Expand serve origin protection warning (#4024)

This warning was kept vague during fix rollout, but now that we're more
than a release past, we can expand the explanation.
This commit is contained in:
Matt Gibson 2022-11-11 09:07:34 -05:00 committed by GitHub
parent c5512fba02
commit b96ae86de2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -478,7 +478,7 @@ export class Program extends BaseProgram {
.option("--port <port>", "The port to run your API webserver on.")
.option(
"--disable-origin-protection",
"If set, allows requests with origin header. Not recommended!"
"If set, allows requests with origin header. Warning, this option exists for backwards compatibility reasons and exposes your environment to known CSRF attacks."
)
.on("--help", () => {
writeLn("\n Notes:");