Skip to content

v4.6.3
Compare
Choose a tag to compare
@lcharette lcharette released this 15 Dec 01:26
· 39 commits to master since this release
v4.6.3
15d713a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Security

  • Added placeholder URL for site.uri.public in configuration to guard against Host Header Injection attacks by default in production.

IMPORTANT : As of 4.6.3, site.uri.public must be explicitly set in your production configuration to avoid security issues. If not set, some links and emails will not work properly. See Going Live for more info.

What's Changed

Full Changelog: v4.6.2...v4.6.3

Contributors

lcharette and Silic0nS0ldier
Assets 2
Loading
0 Join discussion