Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release version 3.0.9 #273

Merged
merged 1 commit into from Aug 30, 2020
Merged

Release version 3.0.9 #273

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
@@ -1,5 +1,11 @@
# Change Log

## 3.0.9
### Security
- Escape path before evaluating resource rules (thanks to Colby Morgan). Prior to this, flask-cors incorrectly
evaluated CORS resource matching before path expansion. E.g. "/api/../foo.txt" would incorrectly match resources for
"/api/*" whereas the path actually expands simply to "/foo.txt"

## 3.0.8
Fixes : DeprecationWarning: Using or importing the ABCs from 'collections' in Python 3.7.
Thank you @juanmaneo and @jdevera for the contribution.
Expand Down
2 changes: 1 addition & 1 deletion flask_cors/version.py
View file
Open in desktop
@@ -1 +1 @@
__version__ = '3.0.8'
__version__ = '3.0.9'