Mercurial > p > roundup > code
diff CHANGES.txt @ 6515:df4f955544aa
Explicitly match .json and .xml extension when used as last element of
the path component of a URI. This permits items like JWT that have multiple
'.' separated components to be passed in the path of the URI.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Wed, 20 Oct 2021 23:21:46 -0400 |
| parents | a036712c96f4 |
| children | a22ea1a7e92c |
line wrap: on
line diff
--- a/CHANGES.txt Mon Oct 18 20:12:09 2021 -0400 +++ b/CHANGES.txt Wed Oct 20 23:21:46 2021 -0400 @@ -31,6 +31,10 @@ encoded/compressed. (John Rouillard) - In REST interface do not raise UsageError for invalid api version. Return json error with proper message. Fixes crash. (John Rouillard) +- In REST interface, only allow .json or .xml (if supported) as + extensions. All other paths with a . in then will be passed through + without change. This allows items like a JWT to be passed as a path + element. (John Rouillard) Features: