Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
WebOb 1.8.8 released
9 views
Skip to first unread message
Delta Regeer
Aug 14, 2024, 12:57:27 AM8/14/24
to pylons-...@googlegroups.com, pylons...@googlegroups.com
Hello all,
I have just released WebOb 1.8.8 which fixes an open redirect when it normalizes the location header in the Response object when the response type is a redirect.
This affects Pyramid when used with the append_slash_notfound_view, and any use of WebOb that has a Response object receive a location that is not a fully qualified URI with a scheme.
See https://pypi.org/project/WebOb/1.8.8/ and https://github.com/Pylons/webob/security/advisories/GHSA-mg3v-6m49-jhp3
Thanks,
Delta Regeer
I have just released WebOb 1.8.8 which fixes an open redirect when it normalizes the location header in the Response object when the response type is a redirect.
This affects Pyramid when used with the append_slash_notfound_view, and any use of WebOb that has a Response object receive a location that is not a fully qualified URI with a scheme.
See https://pypi.org/project/WebOb/1.8.8/ and https://github.com/Pylons/webob/security/advisories/GHSA-mg3v-6m49-jhp3
Thanks,
Delta Regeer
Reply all
Reply to author
Forward
0 new messages