Security fix: enforce browser origin validation for all browser-originated WebSocket connections regardless of proxy headers, closing cross-site WebSocket hijacking in trusted-proxy mode (GHSA-5wcw-8jjv-m286).
No detailed content for this feature yet.
View full release notes on GitHub →