diff options
| author | David Lord <davidism@gmail.com> | 2023-04-28 09:16:44 -0700 |
|---|---|---|
| committer | David Lord <davidism@gmail.com> | 2023-04-28 09:16:44 -0700 |
| commit | 18616d24dc4cce4973fbb6a55bcc5396c5add311 (patch) | |
| tree | 5c2ccc2c605da856044d5a4a2768508e01514eb0 /CHANGES.rst | |
| parent | 5c32263a2ba135bad8b085087f4035b3c135f67e (diff) | |
| download | werkzeug-18616d24dc4cce4973fbb6a55bcc5396c5add311.tar.gz | |
cookie path=/ default
Diffstat (limited to 'CHANGES.rst')
| -rw-r--r-- | CHANGES.rst | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/CHANGES.rst b/CHANGES.rst index e47232fe..7dd5f1ba 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -8,6 +8,8 @@ Unreleased - Parse the cookie ``Expires`` attribute correctly in the test client. :issue:`2669` - ``max_content_length`` can only be enforced on streaming requests if the server sets ``wsgi.input_terminated``. :issue:`2668` +- The cookie ``Path`` attribute is set to ``/`` by default again, to prevent clients + from falling back to RFC 6265's ``default-path`` behavior. :issue:`2672` Version 2.3.1 |