Auth security round: SB3 (email tokens out of URL query → fragment), SA4 (server-side session revocation + 'Log out other sessions'), SA3 (trusted-proxy X-Forwarded-For so rate limits can't be bypassed via a forged header).
1 line
7 B
Text
1 line
7 B
Text
0.39.0
|