Skip to content
This repository has been archived by the owner on Feb 25, 2019. It is now read-only.

Security update
Compare
Choose a tag to compare
@adalinesimonian adalinesimonian released this 03 Sep 21:37
· 236 commits to master since this release
0.1.53
17a34ac

If you are running Anvil Connect 0.1.52 or earlier, please upgrade to 0.1.53. This release patches a security vulnerability.

Changes:

  • Fix: unverified redirect_uri redirect vulnerability (#216)
  • Fix: Improve nv command behaviour and output
  • Fix: Improve standards-compliance with fragment and query string URLs
  • Fix: Validate redirect_uris properly (#215)
  • Fix: Validate that jwks and jwks_uri are not both used on clients (#98)
  • New: Support none response_type (#55)
Assets 2
Loading