htmx - 1.9.5
Security
-
2023-08-25
-
Web sockets now properly pass the target id in the HEADERS struct
- A very rare loading state bug was fixed (see https://github.com/bigskysoftware/htmx/commit/93bd81b6d003bb7bc445f10192bdb8089fa3495d)
hx-on
will not evaluate ifallowEval
is set to false- You can disable the interpretation of script tags with the new
htmx.config.allowScriptTags
config variable - You can now disable htmx-based requests to non-origin hosts via the
htmx.config.selfRequestsOnly
config variable - The Security section has been expanded to help developers better understand how to
properly secure their htmx-based applications.
Security
Security wording was detected, but no CVEs were found.
Details
date
Aug. 25, 2023, midnight
name
1.9.5
type
Patch
👇
Register or login to:
- 🔍View and search all htmx releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!