Releases: mccutchen/go-httpbin
Releases · mccutchen/go-httpbin
v2.17.1
v2.17.0
What's Changed
- feat: allow configuration of underlying
http.Server
by @mccutchen in #199 - ci: push to ghcr.io in addition to docker hub by @mccutchen in #200
Full Changelog: v2.16.1...v2.17.0
v2.16.1
What's Changed
- feat: allow specifying content-type for
/base64
responses by @mccutchen in #198
Full Changelog: v2.16.0...v2.16.1
v2.16.0
v2.15.0
Summary
⚠️ Minimum Go version is now 1.22⚠️ due to use of new stdlib router enhancements- New
/trailers
endpoint added Server-Timings
headers/trailers added to endpoints with client-controlled response times
What's Changed
- chore(build): bump docker image to 1.23 by @mccutchen in #180
- feat: use enhanced stdlib HTTP router by @mccutchen in #181
- chore(ci): fix code coverage uploads by @mccutchen in #183
- refactor: small tweak to template rendering helpers by @mccutchen in #182
- feat: add
/trailers
endpoint by @mccutchen in #184 - refactor: minor tweaks to
/drip
implementation by @mccutchen in #185 - feat: add
Server-Timing
headers/trailers where relevant by @mccutchen in #186
Full Changelog: v2.14.1...v2.15.0
v2.14.1
v2.14.0
What's Changed
- chore(ci): tweak codecov configuration by @mccutchen in #168
- add appProcotol to the k8s service for port name 'http' by @bcollard in #169
- fix: mitigate allowed redirect domain bypass by @mccutchen in #174
🔐 Security fix 🔐
This release fixes a bug that allowed clients to bypass the -allowed-redirect-domains
/ALLOWED_REDIRECT_DOMAINS
configuration used by the /redirect-to
endpoint by passing an absolute URL without a scheme (e.g. /redirect-to?url=//evil.com
).
See #173 and #174 for details about the issue and the fix, and see the Production Considerations section of the README for more info on why that configuration is important.
New Contributors
Full Changelog: v2.13.4...v2.14.0
v2.13.4
v2.13.3
What's Changed
- chore(ci): simplify CI config by @mccutchen in #164
- chore(ci): fix codecov configuration by @mccutchen in #165
- feat: add a kustomize base to the repository by @james-callahan in #144
- feat: allow POST, PUT, DELETE, PATCH methods on /basic-auth endpoint by @mgeuer in #166
New Contributors
- @james-callahan made their first contribution in #144
- @mgeuer made their first contribution in #166
Full Changelog: v2.13.2...v2.13.3
v2.13.2
What's Changed
- feat:
/status
endpoint supports weighted choice from multiple status codes by @mccutchen in #162
Full Changelog: v2.13.1...v2.13.2