diff options
| author | Bernhard Posselt <dev@bernhard-posselt.com> | 2016-08-25 17:54:35 +0200 |
|---|---|---|
| committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2016-08-25 17:54:35 +0200 |
| commit | 66c8819283e7088a508bdd07e2d1693f3757d42b (patch) | |
| tree | bf4bd7d565e95b34dd4fc08e9b1b936b8314171d /CHANGELOG.md | |
| parent | 360a9f3054d7e25c6a5c9b1917ec33e794765c7d (diff) | |
Prevent chrome from completing basic auth credentials
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 409f3e804..efe29f936 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +news (9.0.3) +* **Security (Low)**: Prevent browsers like Chrome from auto-filling your Nextcloud login credentials into Basic Auth form. This could lead users to accidentally saving their credentials in the database and disclosing them to the feed source when the feed is added/updated + news (9.0.2) * **Bugfix**: Do not return millisecond lastModified timestamps in API, #20 |