Old bootstrap version used on docs page doesn't get security updates anymore #9028
Unanswered
elramus
asked this question in
Potential Issue
Replies: 1 comment
-
I faced a similar issue after a security audit. To fix this I used the drf-redesign package which updates the browsable API and uses Bootstrap 5 instead of Bootstrap 3. It is one of the example ones from the docs, there are also suggestions on how to do this without a package if you don't want to use the package above: https://www.django-rest-framework.org/topics/browsable-api/#third-party-packages-for-customization |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Just finished up a security audit at my company and we were advised that it was a risk to expose any page still running Twitter Bootstrap < 4. The browsable docs page is on v3.4.1, which came out about 4 and a half years ago. Latest version of Bootstrap is v5.3.
Just curious if there were any plans to update this to a more recent version.
Thanks!
Beta Was this translation helpful? Give feedback.
All reactions