uAdmin v0.5.1 Release Notes
Release Date: 2020-08-07
[0.5.1] Atlas Moth - 2020-08-07
Added
Changed
- dAPI function `method` can return a value if the method called has a return. Note: if you have a return, you cannot use `$next` to redirect.
Deprecated
Removed
Fixed
- Fixed false positive SQL Injection in dAPI join.
- Fixed false detection in `customGet` for private fields of type `[]struct` as an M2M field.
- Typo in uadmin command line tool.
Security
- CSRF protection in dAPI in functions: `add`, `edit`, `delete` and `method`.
- Template function `CSRF` implemented in `uadmin.RenderHTML` and `uadmin.RenderHTMLMulti`. It returns an anti-CSRF token.
- `uadmin.IsAuthenticated` recognizes `nouser` sessions. These sessions are for users who are not authenticated in the system. To set a session cookie, use `SetSessionCookie`.
- `uadmin.SetSessionCookie` receives a pointer to a session and sets the session cookie in a secure way. If you pass a `nil` to the session, the session will be created as a `nouser` session which is still a session but gives the user to access as an authenticated user. These sessions can be used to protect against CSRF attacks in case you have a public API.
- dAPI function
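The Security items above describe giving unauthenticated visitors a session so that a public API can still require an anti-CSRF token. The following sketch is an added example of that pattern using only the Go standard library; it is not uAdmin's code and does not call the uAdmin API. The cookie name `session`, the header `X-CSRF-Token`, the path `/api/add`, the HMAC derivation and all helper names are assumptions made for the illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"net/http"
)

var serverKey = randomBytes(32) // constructed per-process secret for this sketch

func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// newAnonCookie (hypothetical helper) builds a hardened session cookie for a visitor who has not logged in.
func newAnonCookie() *http.Cookie {
	return &http.Cookie{Name: "session", Value: hex.EncodeToString(randomBytes(16)), Path: "/",
		HttpOnly: true, Secure: true, SameSite: http.SameSiteStrictMode}
}

// csrfToken derives the anti-CSRF token from the session key, so it is valid for that session only.
func csrfToken(sessionKey string) string {
	m := hmac.New(sha256.New, serverKey)
	m.Write([]byte(sessionKey))
	return hex.EncodeToString(m.Sum(nil))
}

// checkCSRF reports whether a state-changing request carries the token bound to its session cookie.
// Call it before serving add, edit or delete style handlers and answer 403 when it returns false.
func checkCSRF(r *http.Request) bool {
	c, err := r.Cookie("session")
	return err == nil && hmac.Equal([]byte(r.Header.Get("X-CSRF-Token")), []byte(csrfToken(c.Value)))
}

func main() {
	a, b := newAnonCookie(), newAnonCookie() // two separate anonymous visitors (constructed)
	r, _ := http.NewRequest(http.MethodPost, "/api/add", nil)
	r.AddCookie(a)
	r.Header.Set("X-CSRF-Token", csrfToken(a.Value))
	ok := checkCSRF(r)
	r.Header.Set("X-CSRF-Token", csrfToken(b.Value)) // token minted for another session
	fmt.Println(ok, checkCSRF(r))
}
```

Because the token is tied to the session cookie, a page on another origin cannot supply a matching header value even though the visitor never logged in.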