Django 1.8.18 release notes

来源 1 浏览 196 扫码分享 2021-04-08 21:19:04

Django 1.8.18 release notes

Django 1.8.18 fixes two security issues in 1.8.17.

Also, if a developer relies on to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.

CVE-2017-7234: Open redirect vulnerability in `django.views.static.serve()`

Note, however, that this view has always carried a warning that it is not hardened for production use and should be used only as a development aid.

本文档使用 BookStack 构建

展开/收起文章目录