Old bootstrap version used on docs page doesn't get security updates anymore #9028
Unanswered
elramus
asked this question in
Potential Issue
Replies: 1 comment
-
|
I faced a similar issue after a security audit. To fix this I used the drf-redesign package which updates the browsable API and uses Bootstrap 5 instead of Bootstrap 3. It is one of the example ones from the docs, there are also suggestions on how to do this without a package if you don't want to use the package above: https://www.django-rest-framework.org/topics/browsable-api/#third-party-packages-for-customization |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Just finished up a security audit at my company and we were advised that it was a risk to expose any page still running Twitter Bootstrap < 4. The browsable docs page is on v3.4.1, which came out about 4 and a half years ago. Latest version of Bootstrap is v5.3.
Just curious if there were any plans to update this to a more recent version.
Thanks!
Beta Was this translation helpful? Give feedback.
All reactions