mirror
/
datasette
kopia lustrzana https://github.com/simonw/datasette
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Fixed link in release notes, refs #918

pull/927/head 0.46
Simon Willison 2020-08-09 09:09:07 -07:00
rodzic f25391de1f
commit b597aa07e6
1 zmienionych plików z 1 dodań i 1 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

2
docs/changelog.rst
Wyświetl plik

@ -12,7 +12,7 @@ Changelog
.. warning::
This release contains a security fix related to authenticated writable canned queries. If you are using this feature you should upgrade as soon as possible.
- **Security fix:** CSRF tokens were incorrectly included in read-only canned query forms, which could allow them to be leaked to a sophisticated attacker. See `issue xxx <>`__ for details.
- **Security fix:** CSRF tokens were incorrectly included in read-only canned query forms, which could allow them to be leaked to a sophisticated attacker. See `issue 918 <https://github.com/simonw/datasette/issues/918>`__ for details.
- Datasette now supports GraphQL via the new `datasette-graphql <https://github.com/simonw/datasette-graphql>`__ plugin - see `GraphQL in Datasette with the new datasette-graphql plugin <https://simonwillison.net/2020/Aug/7/datasette-graphql/>`__.
- Principle git branch has been renamed from ``main`` to ``master``. (`#849 <https://github.com/simonw/datasette/issues/849>`__)
- New debugging tool: ``/-/allow-debug tool`` (`demo here <https://latest.datasette.io/-/allow-debug>`__) helps test allow blocks against actors, as described in :ref:`authentication_permissions_allow`. (`#908 <https://github.com/simonw/datasette/issues/908>`__)