10 lines
408 B
YAML
10 lines
408 B
YAML
---
|
|
fixes:
|
|
- |
|
|
Fixed validations in L7 rule and session cookie APIs in order to prevent
|
|
authenticated and authorized users to inject code into HAProxy
|
|
configuration. CR and LF (\\r and \\n) are no longer allowed in L7 rule
|
|
keys and values. The session persistence cookie names must follow the rules
|
|
described in
|
|
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie.
|