1.9.5

htmx 1.9.5 Release

I’m happy to announce the 1.9.5 release of htmx.

New Features

• You can disable the interpretation of script tags with the new htmx.config.allowScriptTags config variable

• You can now disable htmx-based requests to non-origin hosts via the htmx.config.selfRequestsOnly config variable

Improvements & Bug fixes

• The Security section has been expanded to help developers better understand how to properly secure their htmx-based applications.

• Web sockets now properly pass the target id in the HEADERS struct

• A very rare loading state bug was fixed (see https://github.com/bigskysoftware/htmx/commit/93bd81b6d003bb7bc445f10192bdb8089fa3495d)

• hx-on will not evaluate if allowEval is set to false

Thank you to everyone who contributed, and enjoy!