|QUOTE: Key security changes |
* Fix for character encoding inheritance issue with frames, which could enable cross-site scripting. See the advisory.
* Fixed an issue regarding handling of FTP PASV response, as reported by Mark at bindshell.net
* XMLHttpRequest now treats separate ports on the same server as a different server. Issue reported by Egmont Koblinger.
* Fixed an issue where scripts could continue to run after leaving the page, as reported by Herrmann Manuel.
* Skandiabanken.no's message about successful certificate installation is now shown.