Pippo v1.12.0 Release Notes
Release Date: 2018-12-11 // over 5 years ago-
๐ Fixed
- [#454]: Lead to RCE when unmarshal xml data with XStream
- [#458]: Java deserialization vulnerability in
SerializationSessionDataTranscoder.decode()
- [#463]: Resolve undertow settings not getting picked
- [#483]: Use
WebSockets.sendClose
to send close code/reason - ๐ [#485]: Use undertow channel tasks to remove closed/broken connections
- [#486]: Resolve xxe vulnerabilities
๐ Changed
- 0๏ธโฃ [#465]: Made
SessionData
an interface, and introducedDefaultSessionData
- โก๏ธ [#467]: Updated
FastJSON
to latest version 1.2.51
โ Added
- [#260]: Add
route
method helper in templates (only for Pebble engine) - [#468]: Add wrapper method in
Request
to get header names - [#474]: Send
gzip
response whenAccept-Encoding:*
is present
โ Removed