Kong v0.10.1 Release Notes

Release Date: 2017-03-27 // almost 7 years ago
  • ๐Ÿ”„ Changed

    • โฌ‡๏ธ :warning: Serf has been downgraded to version 0.7 in our distributions, although versions up to 0.8.1 are still supported. This fixes a problem when automatically detecting the first non-loopback private IP address, which was defaulted to 127.0.0.1 in Kong 0.10.0. Greater versions of Serf can still be used, but the IP address needs to be manually specified in the cluster_advertise configuration property.
    • โš  :warning: The CORS Plugin parameter config.origin is now config.origins. #2203

    :red_circle: Post-release note (as of 2017/05/12): A faulty behavior has been observed with this change. Previously, the plugin would send the * wildcard when config.origin was not specified. With this change, the plugin does not send the * wildcard by default anymore. You will need to specify it manually when configuring the plugin, with config.origins=*. This behavior is to be fixed in a future release.

    :white_check_mark: Update (2017/05/24): A fix to this regression has been released as part of 0.10.3. See the section of the Changelog related to this release for more details.

    • Admin API:
      • Disable support for TLS/1.0. #2212

    โž• Added

    • Admin API:
      • Active targets can be pulled with GET /upstreams/{name}/targets/active. #2230
      • Provide a convenience endpoint to disable targets at: DELETE /upstreams/{name}/targets/{target}. Under the hood, this creates a new target with weight = 0 (the correct way of disabling targets, which used to cause confusion). #2256
    • ๐Ÿ”Œ Plugins:
      • cors: Support for configuring multiple Origin domains. #2203

    ๐Ÿ›  Fixed

    • ๐Ÿ‘‰ Use an LRU cache for Lua-land entities caching to avoid exhausting the Lua VM memory in long-running instances. #2246
    • Avoid potential deadlocks upon callback errors in the caching module for database entities. #2197
    • ๐Ÿ“œ Relax multipart MIME type parsing. A space is allowed in between values of the Content-Type header. #2215
    • Admin API:
      • Better handling of non-supported HTTP methods on endpoints of the Admin API. In some cases this used to throw an internal error. Calling any endpoint with a non-supported HTTP method now always returns 405 Method Not Allowed as expected. #2213
    • CLI:
      • Better error handling when missing Serf executable. #2218
      • Fix a bug in the kong migrations command that would prevent it to run correctly. #2238
      • Trim list values specified in the configuration file. #2206
      • Align the default configuration file's values to the actual, hard-coded default values to avoid confusion. #2254
    • ๐Ÿ”Œ Plugins:
      • hmac: Generate an HMAC secret value if none is provided. #2158
      • oauth2: Don't try to remove credential values from request bodies if the MIME type is multipart, since such attempts would result in an error. #2176
      • ldap: This plugin should not be applied to a single Consumer, however, this was not properly enforced. It is now impossible to apply this plugin to a single Consumer (as per all authentication plugin). #2237
      • aws-lambda: Support for us-west-2 region in schema. #2257

    Back to TOC