Skip to content

v0.15.0

Latest

Choose a tag to compare

@devAlphaSystem devAlphaSystem released this 06 Jul 03:58

Added

  • Added session-level configurations and connection-time validation to block private and reserved IP addresses for SSRF and DNS-rebinding protection.
  • Added absolute decompression limits to prevent memory exhaustion from zip-bomb attacks.

Changed

  • Updated the Public Suffix List rules and deferred trie construction to first use to reduce startup overhead.
  • Optimized performance of HPACK Huffman encoding, HTTP/2 buffer allocations, and WebSocket payload masking.

Fixed

  • Fixed vulnerabilities in TLS intermediate certificate chain validation by strictly enforcing CA status and validity checks.
  • Prevented HTTP request smuggling by automatically discarding Content-Length headers when chunked Transfer-Encoding is active.
  • Fixed caching behavior to properly serve fresh cached responses and accurately calculate elapsed age.