Version 1.2.13

khalwat released this 21 Dec 20:57

· 191 commits to v1 since this release

59b7b12

Security

Added a $enableDownloadFileEndpoint settings/config option (set to false by default) to control whether the download files action is publicly accessible
The download files action now strips any relative paths from the incoming request
The download files action now restricts downloads to Craft's allowedFileExtensions

Changed

Moved the CSS/JS buildchain over to webpack 5

Assets 2