Closed chrismytton closed 9 years ago
This fixes the security issue with serve-static because this version of express depends on a newer version of connect, which in turn depends on a version of serve-static which isn't vulnerable to the open redirect issue.
Fixes https://github.com/mysociety/popit/issues/742
Looks fine
This fixes the security issue with serve-static because this version of express depends on a newer version of connect, which in turn depends on a version of serve-static which isn't vulnerable to the open redirect issue.
Fixes https://github.com/mysociety/popit/issues/742