docs: credit SSRF report

Valerio 2026-05-04 12:08:11 +02:00
parent bdf81fe6bf
commit eede2f6953

@ -5,6 +5,9 @@ Format follows [Keep a Changelog](https://keepachangelog.com/).
## [0.5.7] — 2026-04-30
### Security
- Hardened server-side URL fetching against SSRF by rejecting private/internal IP ranges and unsafe redirect targets across CLI, MCP, and the self-hosted REST server. Thanks to KairoKid / dodge1218 (vonbrubeck@gmail.com) for the responsible report.
### Docs
- README header now uses an `<h1>webclaw</h1>` instead of an `<h3>` slogan. The repo had no heading-level brand anchor before, only a banner image, so search engines indexing the README were missing the canonical brand signal. The new heading is what GitHub renders as the title of the page and what Google co-ranks with webclaw.io.
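
Review bot: the Security bullet under [0.5.7] puts the reporter's personal email address into a public changelog. Confirm the reporter agreed to that, or credit by handle only ("Thanks to KairoKid / dodge1218 for the responsible report."). The entry also carries no advisory or fix-commit reference and does not say which earlier versions were affected, so a reader cannot tell from it whether they need to upgrade; a link to the advisory or the fixing commit would close that gap. Because this commit is dated 2026-05-04 and edits a release section dated 2026-04-30, it is also worth confirming that the SSRF hardening shipped in 0.5.7 itself and not in a later build.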