While getting ready for 1.0.0,
we merged some changes that created a very funny behaviour:
null == null # false
If you’re wondering what the problem is, well, when we evaluate null
we always create a new Null object rather than re-using one (a-la singleton),
so when you end up comparing those 2 objects…well, they’re different.
This was a trivial fix and
we’ve already released 1.0.2 to address the issue. As usual:
It contains 160+ pages of content dedicated to securing web applications and improving your security awareness when building
web apps, with chapters ranging from explaining how to secure HTTP cookies with the right flags to understanding why it is
important to consider joining a bug bounty program.