Skip to content

4.9.2
Compare
Choose a tag to compare
@gggeek gggeek released this 18 Dec 21:49
· 335 commits to master since this release
4.9.2
805d727

  • security fix: removed the possibility of an XSS attack in the debugger.
    Since the debugger is not designed to be exposed to end users but only to the developers using this library, and in the default configuration it is not exposed to requests from the web, the severity of this issue can be considered low.

  • improved: the debugger now uses jsxmlrpc lib version 0.6. It loads it from a cdn rather than locally.
    It also can make use of a 2nd constant to help telling it where the visual-editor form the jsxmlrpc lib is located, in case its path on disk relative to the debugger and its url relative to the web root do not match.

Assets 2
Loading