write()). Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archiv 3 What’s new in Tornado 6.3.2 May 13, 2023 Security improvements • Fixed an open redirect vulnerability in StaticFileHandler under certain configurations. 6.9.4 What’s new in Tornado 6.3.1 Apr 21 What’s new in Tornado 4.2.1 Jul 17, 2015 Security fix • This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were

write()). Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archiv 3 What’s new in Tornado 6.3.2 May 13, 2023 Security improvements • Fixed an open redirect vulnerability in StaticFileHandler under certain configurations. 6.9.4 What’s new in Tornado 6.3.1 Apr 21 What’s new in Tornado 4.2.1 Jul 17, 2015 Security fix • This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were

write()). Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archiv 3 What’s new in Tornado 6.3.2 May 13, 2023 Security improvements • Fixed an open redirect vulnerability in StaticFileHandler under certain configurations. 6.9.4 What’s new in Tornado 6.3.1 Apr 21 What’s new in Tornado 4.2.1 Jul 17, 2015 Security fix • This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were

write()). Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archiv 2 What’s new in Tornado 6.3.2 May 13, 2023 Security improvements • Fixed an open redirect vulnerability in StaticFileHandler under certain configurations. 6.9.3 What’s new in Tornado 6.3.1 Apr 21 What’s new in Tornado 4.2.1 Jul 17, 2015 Security fix • This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were

write()). Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archiv 7 What’s new in Tornado 6.3.2 May 13, 2023 Security improvements • Fixed an open redirect vulnerability in StaticFileHandler under certain configurations. 170 Chapter 6. DocumentationTornado Documentation What’s new in Tornado 4.2.1 Jul 17, 2015 Security fix • This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were

write()). Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archiv What’s new in Tornado 4.2.1 Jul 17, 2015 Security fix This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were version parameters to support transitions between cookie formats. The new cookie format fixes a vulnerability that may be present in applications that use multiple cookies where the name of one cookie is

write()). Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archiv What’s new in Tornado 4.2.1 Jul 17, 2015 Security fix • This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were version parameters to support transitions between cookie formats. • The new cookie format fixes a vulnerability that may be present in applications that use multiple cookies where the name of one cookie is

Release 4.5.3 Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archiv What’s new in Tornado 4.2.1 Jul 17, 2015 Security fix • This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were version parameters to support transitions between cookie formats. • The new cookie format fixes a vulnerability that may be present in applications that use multiple cookies where the name of one cookie is

write()). Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archiv What’s new in Tornado 4.2.1 Jul 17, 2015 Security fix • This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were version parameters to support transitions between cookie formats. • The new cookie format fixes a vulnerability that may be present in applications that use multiple cookies where the name of one cookie is

write()). Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archiv What’s new in Tornado 4.2.1 Jul 17, 2015 Security fix • This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were version parameters to support transitions between cookie formats. • The new cookie format fixes a vulnerability that may be present in applications that use multiple cookies where the name of one cookie is