Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Changelog pando version 0.39 #716

Merged
merged 2 commits into from
Oct 18, 2016
Merged

Changelog pando version 0.39 #716

merged 2 commits into from
Oct 18, 2016

Conversation

pyup-vuln-bot
Copy link
Collaborator

Keywords: security

  • fix two security bugs related to CRLF injection
    CRLF injection gratipay/security-qf35us#1
  • remove argv-based configuration; Website now takes kwargs instead (455)
  • remove exec-based configuration, i.e., configure-aspen.py (373); use kwargs
    to Website or environment variables instead
  • add a base_url configuration setting and use it in a new algorithm
    function, redirect_to_base_url (457)
  • improve the redirect API: it's now at website.redirect instead of
    request.redirect; it honors the new website.base_url; and it takes an
    optional response object (458)

@pyup-vuln-bot pyup-vuln-bot merged commit a71c09d into master Oct 18, 2016
@pyup-vuln-bot pyup-vuln-bot deleted the changelog-pando-version-0.39 branch October 18, 2016 10:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@pyup-vuln-bot