someone commented lines securing app_dev.php from opening by other than local hosts. I think this is not a good idea to leave it that way. Unfortunately, reporting of issues are disabled in this repository on github, that’s why i report it here.
It was introduced here https://github.com/oroinc/platform-application/commit/019f0143bc362d50101e8939e1c16d7ed123d8ab, with commit message “Frontend fixes”. Is there any reasonable justification for this change?
The forum ‘OroPlatform – Security’ is closed to new topics and replies.