1.3.0 – 2020-04-07¶
Security¶
Prevent users from receiving an invalid authority parsed from a malicious URL. Previously we did not stop parsing the authority section at the first backslash (
\\) character. As a result, it was possible to trick our parser into parsing up to the first forward-slash (/) and thus generating an invalid authority.See also GitHub pr-64 and the blog post that sparked this change
Bug Fixes and Features¶
Add
from_uritoURIBuilderto allow creation of aURIBuilderfrom an existing URI.See also GitHub pr-63
Fix a typographical error in our documentation.
See also GitHub pr-61