- Improved path traversal detection on macOS
- Added protection for SSRF attacks targeting Alibaba cloud metadata service
- Improved SQL injection detection
- Fixed rate limiting bypass using URL encoding
- Zen is now compatible with older versions of
https-proxy-agent - Added support for custom IP headers (e.g.
do-connecting-ip) to detect client IPs when hosting providers use non-standard forwarding headers. See docs.