diff options
Diffstat (limited to 'actionpack/CHANGELOG.md')
-rw-r--r-- | actionpack/CHANGELOG.md | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index b4d3da3603..3324dfa623 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,8 @@ +* Extend cross-site request forgery (CSRF) protection to GET requests with + JavaScript responses, protecting apps from cross-origin `<script>` tags. + + *Jeremy Kemper* + * Fix generating a path for engine inside a resources block. Fixes #8533. |