diff options
author | Andrey Andreev <narf@devilix.net> | 2018-04-23 13:33:45 +0200 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2018-04-23 13:33:45 +0200 |
commit | 0a715d6df5d6d9de8da861dccd1dd5f16e738efc (patch) | |
tree | 4f9918d78076905544ea8c18f3fcef598647f6fb /user_guide_src/source/changelog.rst | |
parent | 4dab9f8db84d5286ef1da9217af9e44771433b2f (diff) |
[ci skip] Move changelog entry for PR #5391 from 3.1.8 to 3.1.9
Apparently I forgot to cherry-pick the actual change into 3.1-stable
Diffstat (limited to 'user_guide_src/source/changelog.rst')
-rw-r--r-- | user_guide_src/source/changelog.rst | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 36f655182..d2033ac39 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -7,6 +7,10 @@ Version 3.1.9 Release Date: Not Released +- **Security** + + - Updated :doc:`URL Helper <helpers/url_helper>` function :php:func:`auto_link()` to add ``rel="noopener"`` to generated links in order to prevent tab hijacking. + - General Changes - Updated :doc:`Query Builder <database/query_builder>` method ``limit()`` to allow ``0`` values. @@ -24,7 +28,6 @@ Release Date: Mar 22, 2018 - **Security** - - Updated :doc:`URL Helper <helpers/url_helper>` function :php:func:`auto_link()` to add ``rel="noopener"`` to generated links in order to prevent tab hijacking. - Updated :doc:`Security Library <libraries/security>` method ``xss_clean()`` to also filter JavaScript tag functions. - Fixed a bug where :doc:`Security Library <libraries/security>` method ``xss_clean()`` didn't check for parentheses around JavaScript's ``document``. |