Thymeleaf 3.0.9 (3.0.9.RELEASE) has been just published.
This is a maintenance release with some bugfixing and feature changes. It should work as a drop-in replacement for 3.0.x versions. Have a look at our Download Page to learn how to obtain it.
Also, note that this version includes a couple of security-related improvements, so upgrading is heavily recommended.
THYMELEAF 3.0.9 CHANGE LOG
Changes to the Thymeleaf CORE:
Changes to the Thymeleaf SPRING integration packages:
If you are interested, you can have a look at the list of issues on GitHub:
And of course we invite you to visit the project website at http://www.thymeleaf.org
Explaining the changes in the restricted expression evaluation mode
Thanks to the fact that Thymeleaf actually understands the HTML that it processes (because it parses it), developers can benefit from the template engine helping them reduce the risks of code injection as much as possible. Thymeleaf does this by preventing the use of direct input from users in certain parts of the template. This direct input from users refers to request parameters, as these might not have passed a validation process at the controller.
SPECIAL NOTES FOR THE Spring 5 WebFlux INTEGRATION
How does Thymeleaf operate in a reactive-friendly way for Spring 5 WebFlux?
Like previous versions, this new version of the Spring 5 integration module includes updated support for the new Spring 5 WebFlux reactive web framework. When used with WebFlux, Thymeleaf can operate in one of three reactive-friendly modes:
Read more about these reactive-friendly operation modes at the thymeleaf-spring5 JavaDocs.
Also, note that there are three sandbox applications prepared to serve as examples of the general thymeleaf-spring5 integration with Spring 5 WebFlux:
|Free forum by Nabble||Edit this page|