Skip to content
This repository was archived by the owner on Oct 6, 2021. It is now read-only.

Version 1.4.1

Choose a tag to compare

View all tags
@paragonie-scott paragonie-scott released this 13 Nov 00:42
· 198 commits to master since this release
v1.4.1
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Verified
Learn about vigilant mode.
0281118
  • #161:
    Don't hard-code HTTP/1.1 in response headers.
  • #164:
    Fixed dead code in Skyport landing.
  • HackerOne #181210:
    Correctly detect .onion URLs. If this malfunctions, there is a
    nonzero risk of MITM attack (because HTTPS wasn't enforced on
    .onion URLs).
  • HackerOne #181225:
    Prevent phishing attacks via pages opened with target="_blank".
  • HackerOne #181315:
    Consistently use binary-safe string functions.
Assets 4
Loading