The Dancer Core Team would like to announce the availability of Dancer2 0.300004. This release brings several important fixes and enhancements:
Session cookies can be restricted to a first-party or same-site context
There were a number of spots where Dancer2 would return a 500 error upon receiving an invalid request, rather than (correctly) returning 400 - Bad Request. Many, if not all, of these have been fixed.
For more information about same-site context, please refer to RFC-6265bis.
To use this, add the
cookie_same_site key to your session engine configuration
in the appropriate YAML file. Valid settings include
The complete changelog is as follows: 0.300004 2020-05-26 20:52:34-04:00 America/New_York
[ BUG FIXES ] * GH #1509: Request instantiation fails throw 400 Bad Response (Russell @veryrusty Jenkins). This resolves GH #1056, 1482, 1496, 1507, 1508, and 1510. [ ENHANCEMENTS ] * GH #1510: Test for proper multi-part form handing (ice-lenor, Sawyer X) * GH #1547: Cookie SameSite support (Russell @veryrusty Jenkins) [ DOCUMENTATION ] * None
Thanks for your pull requests and bug reports. We really appreciate the help we receive from our community!
Until next time, keep on Dancing!