You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The http.send built-in function follows redirects by default which policy authors may not expect, thus leading to unexpected policy evaluation results (especially if the http.send inputs are constructed based on query inputs.)
We should make http.send disable redirects by default and expose an option to allow policy authors to explicitly enable them.
The text was updated successfully, but these errors were encountered:
The
http.send
built-in function follows redirects by default which policy authors may not expect, thus leading to unexpected policy evaluation results (especially if thehttp.send
inputs are constructed based on query inputs.)We should make
http.send
disable redirects by default and expose an option to allow policy authors to explicitly enable them.The text was updated successfully, but these errors were encountered: