Pippo v1.12.0 Release Notes

Release Date: 2018-12-11 // over 5 years ago
  • ๐Ÿ›  Fixed

    • [#454]: Lead to RCE when unmarshal xml data with XStream
    • [#458]: Java deserialization vulnerability in SerializationSessionDataTranscoder.decode()
    • [#463]: Resolve undertow settings not getting picked
    • [#483]: Use WebSockets.sendClose to send close code/reason
    • ๐Ÿšš [#485]: Use undertow channel tasks to remove closed/broken connections
    • [#486]: Resolve xxe vulnerabilities

    ๐Ÿ”„ Changed

    • 0๏ธโƒฃ [#465]: Made SessionData an interface, and introduced DefaultSessionData
    • โšก๏ธ [#467]: Updated FastJSON to latest version 1.2.51

    โž• Added

    • [#260]: Add route method helper in templates (only for Pebble engine)
    • [#468]: Add wrapper method in Request to get header names
    • [#474]: Send gzip response when Accept-Encoding:* is present

    โœ‚ Removed