Releases: AikidoSec/firewall-java
Releases · AikidoSec/firewall-java
v1.0.10
What's Changed
- Add support for the new IP Allowlists
- Minor SSRF bugfix (Host header could have been flagged if the app made requests to itself)
- Minor improvements to private IP detection
v1.1.0 (Alpha)
v1.1.0-alpha Add 1ms sleep to SpringBootPostgres app
v1.0.9
What's Changed
- Now checks all matching routes for forced-off protection
- Now supports CIDR ranges for bypassed IPs and allowlisted IPs per route
- Sliding window rate-limiting
- Slightly improved route discovery
- Updated SQL Injection algorithm
v1.0.8
What's Changed
- Add full webflux support
v1.0.7
What's Changed
- Better IP Reporting
v1.0.6
What's Changed
- Don't block bypassed IP's that are in blocklists
- More File constructor coverage
- Maven app + instructions
- Minor SSRF bugfix
- More e2e testing
v1.0.5
What's Changed
- AIK-4390 Fix: Javalin route reporting not respecting status codes by @bitterpanda63 in #115
Contributors
bitterpanda63
Assets 4
v1.0.4
What's Changed
- AIK-4387 Make sure route hit reporting works for Java by @bitterpanda63 in #112
Contributors
bitterpanda63
Assets 4
v1.0.3
What's Changed
- More webflux support (still a work in progress)
- Rename AIKIDO_BLOCKING to AIKIDO_BLOCK
v1.0.2
What's Changed
- Add Javalin middleware & docs (Now officially supported!)
- Report attack statistics, hits, and middleware installed
- We now load binaries in the beginning with better error logging
- More sample apps & testing with opentel (is compatible)
- Include user in attack event