Skip to content

Latest commit

 

History

History
345 lines (209 loc) · 10.2 KB

CHANGELOG.md

File metadata and controls

345 lines (209 loc) · 10.2 KB

Changelog

v1.16.1 (2024-06-20)

Enhancements

  • Optimize cookie parsing by 10x (10x faster, 10x less memory) on Erlang/OTP 26+

v1.16.0 (2024-05-18)

Enhancements

  • Support x-forwarded-for in Plug.RewriteOn
  • Support MFArgs in Plug.RewriteOn
  • Add immutable directive to versioned requests in Plug.Static
  • Support disabling MIME type handling in Plug.Static

Bug fixes

  • Fix bug with discarded connection state in Plug.Debugger
  • Parse media types with underscores in them
  • Do not crash on max_age set to nil (for consistency)

v1.15.3 (2024-01-16)

Enhancements

  • Allow setting the port on the connection in tests
  • Allow returning {:ok, payload} on inform
  • Allow custom exceptions in validate_utf8 option
  • Allow skipping sent body on chunked replies

v1.15.2 (2023-11-14)

Enhancements

  • Add :assign_as option to Plug.RequestId
  • Improve performance of Plug.RequestId
  • Avoid clashes between Plug nodes
  • Add specs to Plug.BasicAuth
  • Fix a bug with non-string _method body parameters in Plug.MethodOverride

v1.15.1 (2023-10-06)

Enhancements

  • Relax requirement on plug_crypto

v1.15.0 (2023-10-01)

Enhancements

  • Add Plug.Conn.get_session/3 for default value
  • Allow Plug.SSL.configure/1 to accept all :ssl options
  • Optimize query decoding by 15% to 45% - this removes the previously deprecated :limit MFA and :include_unnamed_parts_at from MULTIPART. This may be backwards incompatible for applications that were relying on ambiguous arguments, such as user[][key]=1&user[][key]=2, which has unspecified parsing behaviour

v1.14.2 (2023-03-23)

Bug fixes

  • Properly deprecate Plug.Adapters.Cowboy before removal

v1.14.1 (2023-03-17)

Enhancements

  • Add nest_all_json option to JSON parser
  • Make action on Plug.Debugger page look like a button
  • Better formatting of exceptions on the error page
  • Provide stronger response header validation

v1.14.0 (2022-10-31)

Require Elixir v1.10+.

Enhancements

  • Add Plug.Conn.prepend_req_headers/2 and Plug.Conn.merge_req_headers/2
  • Support adapter upgrades with Plug.Conn.upgrade_adapter/3
  • Add "Copy to Markdown" button in exception page
  • Support exclusive use of tlsv1.3

Bug fixes

  • Make sure last parameter works within maps

Deprecations

  • Deprecate server pushes as they are no longer supported by browsers

v1.13.6 (2022-04-14)

Bug fixes

  • Fix compile-time dependencies in Plug.Builder

v1.13.5 (2022-04-11)

Enhancements

  • Support :via in Plug.Router.forward/2

Bug fixes

  • Fix compile-time deps in Plug.Builder
  • Do not require routes to be compile-time binaries in Plug.Router.forward/2

v1.13.4 (2022-03-10)

Bug fixes

  • Improve deprecation warnings

v1.13.3 (2022-02-12)

Enhancements

  • [Plug.Builder] Introduce :copy_opts_to_assign instead of builder_opts/0
  • [Plug.Router] Do not introduce compile-time dependencies in Plug.Router

v1.13.2 (2022-02-04)

Bug fixes

  • [Plug.Router] Properly fix regression on Plug.Router helper function accidentally renamed

v1.13.1 (2022-02-03)

Bug fixes

  • [Plug.Router] Fix regression on Plug.Router helper function accidentally renamed

v1.13.0 (2022-02-02)

Enhancements

  • [Plug.Builder] Do not add compile-time deps to literal options in function plugs
  • [Plug.Parsers.MULTIPART] Allow custom conversion of multipart to parameters
  • [Plug.Router] Allow suffix matches in the router (such as /feeds/:name.atom)
  • [Plug.Session] Allow a list of :rotating_options for rotating session cookies
  • [Plug.Static] Allow a list of :encodings to be given for handling static assets
  • [Plug.Test] Raise an error when providing path not starting with "/"

Bug fixes

  • [Plug.Upload] Normalize paths coming from environment variables

Deprecations

  • [Plug.Router] Mixing prefix matches with globs is deprecated
  • [Plug.Parsers.MULTIPART] Deprecate :include_unnamed_parts_at

v1.12.1 (2021-08-01)

Bug fixes

  • [Plug] Make sure module plugs are compile time dependencies if init mode is compile-time

v1.12.0 (2021-07-22)

Enhancements

  • [Plug] Accept mime v2.0
  • [Plug] Accept telemetry v1.0
  • [Plug.Conn] Improve performance of UTF-8 validation
  • [Plug.Conn.Adapter] Add API for creating a connection
  • [Plug.Static] Allow MFA in :from

v1.11.1 (2021-03-08)

Enhancements

  • [Plug.Upload] Allow transfer of ownership in Plug.Upload

Bug fixes

  • [Plug.Debugger] Drop CSP Header when showing error via Plug.Debugger
  • [Plug.Test] Populate query_params from Plug.Test.conn/3

v1.11.0 (2020-10-29)

Enhancements

  • [Plug.RewriteOn] Add a new public to handle x-forwarded headers
  • [Plug.Router] Add macro for head requests

Bug fixes

  • [Plug.CSRFProtection] Do not crash if request body params are not available
  • [Plug.Conn.Query] Conform www-url-encoded parsing to whatwg spec

Deprecations

  • [Plug.Parsers.MULTIPART] Deprecate passing MFA to MULTIPART in favor of a more composable approach

v1.10.4 (2020-08-07)

Bug fixes

  • [Plug.Conn] Automatically set secure when deleting cookies to fix compatibility with SameSite

v1.10.3 (2020-06-10)

Enhancements

  • [Plug.SSL] Allow host exclusion to be checked dynamically

Bug fixes

  • [Plug.Router] Fix router telemetry event to follow Telemetry specification. This corrects the telemetry event added on v1.10.1.

v1.10.2 (2020-06-06)

Bug fixes

  • [Plug] Make :telemetry a required dependency
  • [Plug.Test] Populate :query_string when params are passed in

Enhancements

  • [Plug] Add Plug.run/3 for running multiple Plugs at runtime
  • [Plug] Add Plug.forward/4 for forwarding between Plugs

v1.10.1 (2020-05-15)

Enhancements

  • [Plug.Conn] Add option to disable uft-8 validation on query strings
  • [Plug.Conn] Support :same_site option when writing cookies
  • [Plug.Router] Add router dispatch telemetry events
  • [Plug.SSL] Support :x_forwarded_host and :x_forwarded_port on :rewrite_on

Bug fixes

  • [Plug.Test] Ensure parameters are converted to string keys

v1.10.0 (2020-03-24)

Enhancements

  • [Plug.BasicAuth] Add Plug.BasicAuth
  • [Plug.Conn] Add built-in support for signed and encrypted cookies
  • [Plug.Exception] Allow to use atoms as statuses in the plug_status field for exceptions

Bug fixes

  • [Plug.Router] Handle malformed URI as bad requests

v1.9.0 (2020-02-07)

Bug fixes

  • [Plug.Conn.Cookies] Make decode split on ; only, remove $-prefix condition
  • [Plug.CSRFProtection] Generate url safe CSRF masks
  • [Plug.Parsers] Treat invalid content-types as parsing errors unless :pass is given
  • [Plug.Parsers] Ensure parameters are merged when falling back to :pass clause
  • [Plug.Parsers] Use HTTP status code 414 when query string is too long
  • [Plug.SSL] Rewrite port when rewriting a request coming to a standard port

Enhancements

  • [Plug] Make Plug fully compatible with new Elixir child specs
  • [Plug.Exception] Add actions to exceptions that implement Plug.Exception and render actions in Plug.Debugger error page
  • [Plug.Parsers] Add option to skip utf8 validation
  • [Plug.Parsers] Make multipart support MFA for :length limit
  • [Plug.Static] Accept MFA for :header option

Notes

  • When implementing the Plug.Exception protocol, if the new actions function is not implemented, a warning will printed during compilation.

v1.8.3 (2019-07-28)

Bug fixes

  • [Plug.Builder] Ensure init_mode option is respected within the Plug.Builder DSL itself
  • [Plug.Session] Fix dropping session with custom max_age

v1.8.2 (2019-06-01)

Enhancements

  • [Plug.CSRFProtection] Increase entropy and ensure forwards compatibility with future URL-safe CSRF tokens

v1.8.1 (2019-06-01)

Enhancements

  • [Plug.CSRFProtection] Allow state to be dumped from the session and provide an API to validate both state and tokens
  • [Plug.Session.Store] Add get/1 to retrieve the store from a module/atom
  • [Plug.Static] Support Nginx range requests
  • [Plug.Telemetry] Allow extra options in Plug.Telemetry metadata

v1.8.0 (2019-03-31)

Enhancements

  • [Plug.Conn] Add get_session/1 for retrieving the whole session
  • [Plug.CSRFProtection] Add Plug.CSRFPRotection.load_state/2 and Plug.CSRFPRotection.dump_state/0 to allow tokens to be generated in other processes
  • [Plug.Parsers] Allow unnamed parts in multipart parser via :include_unnamed_parts_at
  • [Plug.Router] Wrap router dispatch in a connection checkpoint to avoid losing information attached to the connection in error cases
  • [Plug.Telemetry] Add Plug.Telemetry to facilitate with telemetry integration

Bug fixes

  • [Plug.Conn.Status] Use IANA registered status code for HTTP 425
  • [Plug.RequestID] Reduce RequestID size by relying on base64 encoding
  • [Plug.Static] Ensure etags are quoted correctly
  • [Plug.Static] Ensure vary header is set in 304 response
  • [Plug.Static] Omit content-encoding header in 304 responses

v1.7.2 (2019-02-09)

  • [Plug.Parser.MULTIPART] Support UTF-8 filename encoding in multipart parser
  • [Plug.Router] Add builder_opts support to :dispatch plug
  • [Plug.SSL] Do not disable client renegotiation
  • [Plug.Upload] Raise when we can't write to disk during upload

v1.7.1 (2018-10-24)

  • [Plug.Adapters.Cowboy] Less verbose output when plug_cowboy is missing
  • [Plug.Adapters.Cowboy2] Less verbose output when plug_cowboy is missing

v1.7.0 (2018-10-20)

Enhancements

  • [Plug] Require Elixir v1.4+
  • [Plug.Session] Support MFAs for cookie session secrets
  • [Plug.Test] Add put_peer_data
  • [Plug.Adapters.Cowboy] Extract into plug_cowboy
  • [Plug.Adapters.Cowboy2] Extract into plug_cowboy

Bug fixes

  • [Plug.SSL] Don't redirect excluded hosts on Plug.SSL

Breaking Changes

  • [Plug] Applications may need to add :plug_cowboy to your deps to use this version

v1.6

See CHANGELOG in the v1.6 branch.