jason v1.2.1

Version Release Notes from May 04, 2020 (about 6 years ago)

« Changelog History

jason v1.2.1 Release Notes

Release Date: 2020-05-04 // about 6 years ago

🔒 Security
- 🛠 Fix html_safe escaping in Jason.encode
The <!-- sequence of characters would not be escaped in Jason.encode withhtml_escape mode, which could lead to DoS attacks when used for embedding of arbitrary, user controlled strings into HTML through JSON (e.g. inside of <script> tags).

If you were not using the html_safe option, you are not affected.

Affected versions: < 1.2.1 Patched versions: >= 1.2.1

Awesome Elixir is part of the LibHunt network. Terms. Privacy Policy.

We recommend Spin The Wheel Of Names for a cryptographically secure random name picker.