Download Latest Version 8.2.0 source code.tar.gz (161.8 kB)
Email in envelope

Get an email when there's a new version of Giraffe

Home / v8.2.0
Name Modified Size InfoDownloads / Week
Parent folder
8.2.0 source code.tar.gz 2025-11-12 161.8 kB
0
8.2.0 source code.zip 2025-11-12 199.3 kB
3 3 weekly downloads
README.md 2025-11-12 3.0 kB
0
Totals: 3 Items   364.2 kB 3

Breaking changes

  • Some security fixes for Giraffe - Credits @Thorium
    • New handlers added to improve security aspects, like safeRedirectTo, safeRedirectToExt, validateCsrfTokenExt and more. Those deal with:
      • URL validation in redirectTo to prevent cross-site scripting (XSS)
      • Cross-Site Request Forgery (CSRF) token validation helpers
    • XML serializer's Deserialize<'T>(xml: string) method now uses a configuration to prevent XXE attacks.
  • Remove [\<AllowNullLiteral>] attribute from Json.ISerializer and Xml.ISerializer - Credits @64J0
    • With the release of .NET 9 we have nullable reference types.
    • When this feature is enabled (<Nullable>enable</Nullable>), our users started running into problems that boils down to Json.ISerializer having the AllowNullLiteral attribute.
    • Due to it, we decided to remove this attribute from both the Json.ISerializer and the Xml.ISerializer.
      • New automated tests were added to assert that the serializers are still working properly.
      • We also updated some sample projects to use this feature.

Other updates

Source: README.md, updated 2025-11-12