V1.7.0🛡️

@kittendevv kittendevv released this 26 Oct 08:25
· 24 commits to main since this release
5244325

Security changes

  • Added middleware to enforce secure headers in both backend and frontend, including HSTS, CSP, and various security policies.
  • Replaced basic authentication with JWT bearer token for admin routes and login functionality.
  • Implemented safe URL parsing and validation for remote resources.
  • Improved error handling and response messages for authentication processes.
  • Updated frontend to handle JWT tokens and manage session cookies securely.
  • Refactored template installation logic to ensure safe file paths and identifiers.
  • Enhanced HTML rendering functions to escape user input and prevent XSS vulnerabilities.
  • Fixed versioning display on dashboard.