search

GSA / smartpay-training

Prototype for new GSA SmartPay training quizzes
8 stars 4 forks source link

Dependabot Alert: Undici proxy-authorization header not cleared on cross-origin redirect in fetch #501

Closed JennaySDavis closed 3 months ago

JennaySDavis commented 4 months ago

Impact: Undici already cleared Authorization headers on cross-origin redirects but did not clear Proxy-Authorization headers.

JennaySDavis commented 3 months ago

This dependabot alert was addressed with the following pull request https://github.com/GSA/smartpay-training/pull/517