- Updated custom 404 detection algorithm to use less memory.
- cookie_string option is now decoded before being parsed into a Cookie object.
- Cookie#expires_to_time bugfixed to return nil if expiry time is “0”.
- Arachni::URI.cheap_parse — Updated to sanitize the encoding of each parameter name and value individually. [Issue #303]
- Fixed regression caused by the Parser requiring the HTTP Response to include the original Request.
- Fixed SSL interceptor behavior on redirects — now delegates everything to the user facing Proxy.
- CSRF — Updated to mark forms with a detected nonce as safe.
In the meantime, I’ve been putting the finishing touches on the new and extra cool distributed crawler which will debut in v0.4.2 and will appear in the experimental branch (and subsequently in the nightlies) in a couple of weeks or so.
Then, I’ll get back to working on the new Rails WebUI, which the project desperately needs.
That’s all for now, cheers,