diff options
author | Bernhard Posselt <dev@bernhard-posselt.com> | 2015-02-02 23:23:30 +0100 |
---|---|---|
committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2015-02-05 15:24:32 +0100 |
commit | 7c4b72e820ba2a04aaf3b4389714c30bfa284bcd (patch) | |
tree | ed9f3d2ca5a11a97b207d0d4b276879ba62b55a0 /CHANGELOG.md | |
parent | b02ea08db40dae100cd927b22afa8d349570c57e (diff) |
only allow iframe https content
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 9819fd641..e02ffe224 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +owncloud-news (5.2.2) +* **Security**: Only allow YouTube and Vimeo to embed iframes if they use HTTPS to prevent mixed active content iframe attacks + owncloud-news (5.2.1) * **Bugfix**: Fix admin settings by using the correct config path |