rhodecode-enterprise-ce Files · docs/release-notes/release-notes-3.3.2.rst

comments: fix extracing auth_user from the passed in objects. Before if auth_user is empty we could relly on INT or STR passed in

marcink - - Load All Authors

File last commit:

r1:854a839a default


                r3026:71b96937

stable

Download file

             release-notes-3.3.2.rst
        
                    25 lines
            
             | 499 B
            
                | text/x-rst
            
             |
                RstLexer

/ docs / release-notes / release-notes-3.3.2.rst

History | Annotation | Raw |Copy content |Copy permalink

|RCE| 3.3.2 |RNS|
Release Date
2015-06-05


security fixes
Stored XSS attempts on user login fields, and other text input fields.
DOM Based XSS attempts
HTML Injection
Cross frame scripting (XFS)
Invalidation of concurrent sessions on password change.
Downgrading of HTTPS connections.


fixes
Generation of URLs on system with custom URL prefixes.
VCSServer: Improved memory management of the cache data used by the server.

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages