v1.10.0

1.10.0

Couper 1.10 is a feature release comprising new features for a more flexible and cleaner configuration. It also comes with some bug fixes and some smaller improvements. See below for a complete list of changes.

The new environment block along with its corresponding setting and the -e command line option allows for a cleaner and safer configuration if Couper is to be deployed in different environments. Read more about that feature in our example.

Labeled, reusable proxy blocks provide means for a leaner and less repetitive configuration.

In case a backend request requires authorization, the new beta_token_request block can request the required token and make the response available via the beta_token_response variable.

Finally, a stricter endpoint path validation for a clearer and more consistent path matching is now applied. Some characters or character sequences like ?, #, and /../ are no longer allowed; empty path parameters won't match anymore.

As always the Couper VSCode extension has been updated to support all new features.

We have launched our documentation website to find blocks and attributes more easily.

• Added

  • environment block, setting and couper.environment variable (#521, (#534, #545), (#546)
  • used go version in version command (#552)
  • new grant_types "password" and "urn:ietf:params:oauth:grant-type:jwt-bearer" with related attributes for oauth2 block (#555)
  • beta_token_request block, backend and beta_token_response variables and beta_token(s) properties of backends variable (#517)
  • reusable proxy block (#561)

• Changed

• Renamed -debug to -pprof and made debug port configurable via -pprof-port. Both command line options can also be specified via the respective settings. (#577)

• Fixed

  • form_body, headers and cookies can now be properly custom-logged (#535)
  • Disallow empty path parameters (#526)
  • Disallow endpoint path patterns not starting with /, endpoint path patterns and base_paths having . or .. segments (#584)
  • Basic Auth client authentication with OAuth2 (client ID and secret must be URL encoded) (#537)
  • Config validation, e.g. label-uniqueness checks (#563)
  • OIDC not using referenced backends, if only specific backends (configuration_backend, jwks_uri_backend, token_backend, userinfo_backend) were configured (#570)
  • OIDC configuration related go-routine leak after retrieving a new payload due to config ttl (#564)

• Removed

  • Endpoint path normalization to better match OpenAPI behavior (#526)