Closed jordyvanderhaegen closed 4 days ago
Thanks for this and the explanation, what a disappointing end to a nifty project! Great that there's a Cloudflare alternative, but thankfully this is really no longer needed with evergreen browsers out there.
Sorry, I'm not clear on this - has todays update (2.1.20) actually fixed this security issue with Polyfill.io? I don't see that in the changelog notes?
Also, is Formie 1.6.x impacted?
No version of Formie is directly impacted by this, technically. These are example templates that recommended to include the polyfill if you used the cache-busting JS we provided. As such, this is code included on your end in your project.
it can be simply and safely revoked from your project.
Ahhh, awesome - thanks!
Hi!
The documentation mentions a reference to polyfill.io, which was recently found to be infected.
This PR removes the reference entirely, as fetch and promises are now supported by most major browsers.