Dancer2 0.300004 Released

The Dancer Core Team would like to announce the availability of Dancer2 0.300004. This release brings several important fixes and enhancements:

  • Session cookies can be restricted to a first-party or same-site context

  • There were a number of spots where Dancer2 would return a 500 error upon receiving an invalid request, rather than (correctly) returning 400 - Bad Request. Many, if not all, of these have been fixed.

For more information about same-site context, please refer to RFC-6265bis.

To use this, add the cookie_same_site key to your session engine configuration in the appropriate YAML file. Valid settings include Strict, Lax, and None.

The complete changelog is as follows: 0.300004 2020-05-26 20:52:34-04:00 America/New_York

* GH #1509: Request instantiation fails throw 400 Bad Response (Russell
  @veryrusty Jenkins). This resolves GH #1056, 1482, 1496, 1507, 1508,
  and 1510.

* GH #1510: Test for proper multi-part form handing (ice-lenor, Sawyer X)
* GH #1547: Cookie SameSite support (Russell @veryrusty Jenkins)

* None

Thanks for your pull requests and bug reports. We really appreciate the help we receive from our community!

Until next time, keep on Dancing!

1 Comment

Really appreciate the quality of this summary.

Leave a comment

About Jason A. Crome

user-pic Dancer developer, pilot, and hockey player.