@@ -67,19 +67,20 @@ Fixed:
6767 Anonymous user. Replaces the old Create permission. (John Rouillard)
6868- Allow '*' and explicit origins in allowed_api_origins. Only return
6969 'Access-Control-Allow-Credentials' when not matching '*'. Fixes
70- security issue with rest when using '*'.
70+ security issue with rest when using '*'. (John Rouillard)
7171- issue2551263: In REST response expose rate limiting, sunset, allow
72- HTTP headers to calling javascript.
72+ HTTP headers to calling javascript. (John Rouillard)
7373- issue2551257: When downloading an attached (user supplied file),
7474 make sure that an 'X-Content-Type-Options: nosniff' header is sent.
75+ (John Rouillard)
7576- issue2551252 - default number of rounds for PKDF2 password increased
76- to 2,000,000.
77+ to 2,000,000. (John Rouillard)
7778- issue2551251 - migrate/re-encrypt PBKDF2 password if stored
7879 password used a smaller number of rounds than set in
79- password_pbkdf2_default_rounds.
80+ password_pbkdf2_default_rounds. (John Rouillard)
8081- upgrade from jquery-3.5.1 to jquery-3.6.3. Update user.help.html
81- to new version.
82- - Dockerfile scanned with hadolint. Fixed multiple issues.
82+ to new version. (John Rouillard)
83+ - Dockerfile scanned with hadolint. Fixed multiple issues. (John Rouillard)
8384
8485Features:
8586
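Review bot: The issue2551252 entry still reads "PKDF2" on its unchanged first line, while the issue2551251 entry directly below spells it "PBKDF2" and names password_pbkdf2_default_rounds. This hunk already edits the continuation line of that entry ("to 2,000,000."), so correct the spelling in the same change so that a search of the changelog for PBKDF2 finds both password-hashing entries. Separately, the allowed_api_origins entry is the only one here described as fixing a security issue and it carries no issue number, unlike the entries after it. If a tracker issue exists, reference it there. The issue prefixes also mix "issue2551263:" with "issue2551252 -"; pick one separator.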
@@ -109,12 +110,14 @@ Features:
109110- issue2551243: schema-dump.py enhanced with anti-CSRF headers. Flake8
110111 cleanup and python2 support. (John Rouillard)
111112- issue2551253 - new password hash PBDKF2-SHA512 added. Not available
112- by default. See issue ticket for details.
113+ by default. See issue ticket for details. (John Rouillard)
113114- roundup-admin migrate command reports the schema version.
114115- issue2551262 - the mail gateway subject prefix now allows spaces
115116 before/after prefix. Also allow spaces between classname and id
116117 number in prefix designator. So "[ issue 23 ] subject" is parsed
117- like "[issue23] subject".
118+ like "[issue23] subject". (John Rouillard)
119+ - [doc]: add section on implementing CSP for Roundup to admin
120+ doc. (John Rouillard)
118121
1191222022-07-13 2.2.0
120123
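Review bot: "PBDKF2-SHA512" on the unchanged first line of the issue2551253 entry transposes two letters of PBKDF2. The hunk edits that entry's second line to add the attribution, so fix the name at the same time; an administrator searching for the hash scheme by its correct name will otherwise miss it. The "roundup-admin migrate command reports the schema version." entry is also left without an attribution, while every other entry in this hunk has one after the change, and the new "[doc]:" prefix introduces a tag style that no other visible entry uses.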