- [Plug.BasicAuth] Add
Plug.BasicAuth
- [Plug.Conn] Add built-in support for signed and encrypted cookies
- [Plug.Exception] Allow to use atoms as statuses in the
plug_status
field for exceptions
- [Plug.Router] Handle malformed URI as bad requests
- [Plug.Conn.Cookies] Make
decode
split on;
only, remove$
-prefix condition - [Plug.CSRFProtection] Generate url safe CSRF masks
- [Plug.Parsers] Treat invalid content-types as parsing errors unless
:pass
is given - [Plug.Parsers] Ensure parameters are merged when falling back to
:pass
clause - [Plug.Parsers] Use HTTP status code 414 when query string is too long
- [Plug.SSL] Rewrite port when rewriting a request coming to a standard port
- [Plug] Make Plug fully compatible with new Elixir child specs
- [Plug.Exception] Add actions to exceptions that implement
Plug.Exception
and render actions inPlug.Debugger
error page - [Plug.Parsers] Add option to skip utf8 validation
- [Plug.Parsers] Make multipart support MFA for
:length
limit - [Plug.Static] Accept MFA for
:header
option
- [Plug.Builder] Ensure init_mode option is respected within the Plug.Builder DSL itself
- [Plug.Session] Fix dropping session with custom max_age
- [Plug.CSRFProtection] Increase entropy and ensure forwards compatibility with future URL-safe CSRF tokens
- [Plug.CSRFProtection] Allow state to be dumped from the session and provide an API to validate both state and tokens
- [Plug.Session.Store] Add
get/1
to retrieve the store from a module/atom - [Plug.Static] Support Nginx range requests
- [Plug.Telemetry] Allow extra options in
Plug.Telemetry
metadata
- [Plug.Conn] Add
get_session/1
for retrieving the whole session - [Plug.CSRFProtection] Add
Plug.CSRFPRotection.load_state/2
andPlug.CSRFPRotection.dump_state/0
to allow tokens to be generated in other processes - [Plug.Parsers] Allow unnamed parts in multipart parser via
:include_unnamed_parts_at
- [Plug.Router] Wrap router dispatch in a connection checkpoint to avoid losing information attached to the connection in error cases
- [Plug.Telemetry] Add
Plug.Telemetry
to facilitate with telemetry integration
- [Plug.Conn.Status] Use IANA registered status code for HTTP 425
- [Plug.RequestID] Reduce RequestID size by relying on base64 encoding
- [Plug.Static] Ensure etags are quoted correctly
- [Plug.Static] Ensure vary header is set in 304 response
- [Plug.Static] Omit content-encoding header in 304 responses
- [Plug.Parser.MULTIPART] Support UTF-8 filename encoding in multipart parser
- [Plug.Router] Add
builder_opts
support to:dispatch
plug - [Plug.SSL] Do not disable client renegotiation
- [Plug.Upload] Raise when we can't write to disk during upload
- [Plug.Adapters.Cowboy] Less verbose output when plug_cowboy is missing
- [Plug.Adapters.Cowboy2] Less verbose output when plug_cowboy is missing
- [Plug] Require Elixir v1.4+
- [Plug.Session] Support MFAs for cookie session secrets
- [Plug.Test] Add
put_peer_data
- [Plug.Adapters.Cowboy] Extract into plug_cowboy
- [Plug.Adapters.Cowboy2] Extract into plug_cowboy
- [Plug.SSL] Don't redirect excluded hosts on Plug.SSL
- [Plug] Applications may need to add
:plug_cowboy
to your deps to use this version