Dancer2 0.300004 Released
The Dancer Core Team would like to announce the availability of Dancer2 0.300004. This release brings several important fixes and enhancements:
Session cookies can be restricted to a first-party or same-site context
There were a number of spots where Dancer2 would return a 500 error upon receiving an invalid request, rather than (correctly) returning 400 - Bad Request. Many, if not all, of these have been fixed.
For more information about same-site context, please refer to RFC-6265bis.
To use this, add the cookie_same_site
key to your session engine configuration
in the appropriate YAML file. Valid settings include Strict
, Lax
, and None
.
The complete changelog is as follows: 0.300004 2020-05-26 20:52:34-04:00 America/New_York
[ BUG FIXES ]
* GH #1509: Request instantiation fails throw 400 Bad Response (Russell
@veryrusty Jenkins). This resolves GH #1056, 1482, 1496, 1507, 1508,
and 1510.
[ ENHANCEMENTS ]
* GH #1510: Test for proper multi-part form handing (ice-lenor, Sawyer X)
* GH #1547: Cookie SameSite support (Russell @veryrusty Jenkins)
[ DOCUMENTATION ]
* None
Thanks for your pull requests and bug reports. We really appreciate the help we receive from our community!
Until next time, keep on Dancing!