Skip to content

Latest commit

 

History

History
139 lines (94 loc) · 4.17 KB

CHANGELOG.md

File metadata and controls

139 lines (94 loc) · 4.17 KB

Changelog

v2.0.3 - 2021-02-06

  • Fixes
    • Use recent versions of Elixir and Erlang for testing (thanks @anthonator)
    • Fix compilation warnings (thanks @thiamsantos)

v2.0.2 - 2020-02-18

  • Fixes
    • Fixes an issue where the plug would error when no CORS header was set (thanks @alexeyds)

v2.0.1 - 2020-01-26

  • Enhancements
    • Passing a function with arity 2 as origin will pass the conn to the function, allowing configuration based on conn (thanks @billionlaughs).
    • You can now pass regexes as part of the list of origins (thanks @gabrielpra1).
  • Fixes
    • Fixes an issue where the request was missing the access-control-request-headers (thanks @zhhz for the initial report and @mfeckie for the fix).

v2.0.0 - 2018-11-06

  • Enhancements
    • Instead of sending "null" we don't set the headers at all if the origin doesn't match, as suggested by the CORS draft 7.2. Thanks to @YuLeven for initiating the discussion and @slashmili for fixing it. Since we change the return values I consider this a breaking change and released a new major version.
    • You can now set the option send_preflight_response? to false (it's true by default) to stop CorsPlug sending a response to the preflight request. That way the correct headers are set but it's up to you to respond to the request downstream.

v1.5.2 - 2018-03-19

  • Fixes
    • Relax version requirements

v1.5.1 - 2018-03-14

  • Fixes
    • Send proper return value if Access-Control-Request-Headers is not present. (thanks @shivamMg)

v1.5.0 - 2017-12-06

  • Enhancements
    • Allow configuration of origin via function (thanks @mauricioszabo).

v1.4.0 - 2017-01-13

  • Enhancements
    • Allows both * as well as specific domains in the origins config, returns the corresponding value (thanks @mustafaturan)
  • Fixes
    • Don't overwrite vary header values with "Origin", instead append it.
    • Don't set vary header to empty string if not needed.
    • Use Plug.Conn.merge_resp_headers/2

New major release because of the vary header changes, I don't expect this to break anything.

v1.3.0 - 2017-05-24

  • Enhancements
    • Allows configuration via app config (see README.md, thanks @TokiTori).

v1.2.1 - 2017-02-07

  • Fixes
    • Match for exact origin only (thanks @somlor and @JordanAdams).
    • Add Vary to response header (thanks @linjunpop).

v1.2.0 - 2017-02-07

  • Fixes
    • Remove cowboy dependency. Plug should be server-agnostic and this plug does not need cowboy. Thanks to @hauleth and @ewitchin for making me aware.

As I changed dependency this is a minor release. I don't anticipate any regressions tho.

v1.1.4 - 2017-05-24

  • Fixes
    • Add method parens to suppress Elixir 1.4.0 warnings (thanks @seivan).

v1.1.3 - 2016-12-24

  • Enhancements
    • Support regex for origin (thanks @somlor)

v1.1.2 - 2016-05-08

  • Enhancements
    • Allow client to set allow-headers by sending request-headers when using a wildcard.

This enhancement is brought to you by @arathunku

v1.1.1 - 2016-03-11

  • Fixes
    • Return "null" instead of null when no origin matches.

Many thanks to @somlor for the fix!

v1.1.0 - 2016-02-10

  • Enhancements
    • Allow multiple origins. When configuring you can now pass a list for origins (plug: CORSPlug, origin: ~w(example1.com example2.com)).
  • Fixes
    • Access-Control-Expose-Headers now works

Both of these have been brought to you by @jer-k - many thanks!

v1.0.0 - 2016-01-22

  • Fixes
    • Don't override headers. Earlier headers would've been overriden by the CORS Plug. Amazing that this hasn't popped up before...

As this makes a backward-incompatible change (no longer overriding headers this is a new major).

v0.1.4 - 2015-09-24

v0.1.3 - 2015-07-09

  • Enhancements
    • Add license
    • Improve readme (thanks @leighhalliday, @patricksrobertson)
    • Simplify travis.yml (thanks @lowks)

v0.1.2 - 2015-02-12

  • Release plug dependency