rhodecode-enterprise-ce Files · docs/release-notes/release-notes-3.3.2.rst

forms: unified usage of h.secure_form. Make sure we ALWAYS pass in...

forms: unified usage of h.secure_form. Make sure we ALWAYS pass in request, and removed redundant 'POST' type.

marcink - - Load All Authors

File last commit:

r1:854a839a default


                r2105:4ad1a937

default

Download file

             release-notes-3.3.2.rst
        
                    25 lines
            
             | 499 B
            
                | text/x-rst
            
             |
                RstLexer

/ docs / release-notes / release-notes-3.3.2.rst

History | Annotation | Raw |Copy content |Copy permalink

|RCE| 3.3.2 |RNS|
Release Date
2015-06-05


security fixes
Stored XSS attempts on user login fields, and other text input fields.
DOM Based XSS attempts
HTML Injection
Cross frame scripting (XFS)
Invalidation of concurrent sessions on password change.
Downgrading of HTTPS connections.


fixes
Generation of URLs on system with custom URL prefixes.
VCSServer: Improved memory management of the cache data used by the server.

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages