ยซ Changelog History


Kong v0.5.1 Release Notes

Release Date: 2015-10-13 // over 8 years ago

  • ๐Ÿ›  Fixing a few glitches we let out with 0.5.0!

    โž• Added

    • ๐Ÿ”Œ Basic Authentication and HMAC Authentication plugins now also send the X-Credential-Username to the upstream server.
    • Admin API now accept JSON when receiving a CORS request. #580
    • โž• Add a WWW-Authenticate header for HTTP 401 responses for basic-auth and key-auth. #588

    ๐Ÿ”„ Changed

    • Protect Kong from POODLE SSL attacks by omitting SSLv3 (CVE-2014-3566). #563
    • โœ‚ Remove support for key-auth key in body. #566

    ๐Ÿ›  Fixed

    • ๐Ÿ”Œ Plugins
      • HMAC
      • The migration for this plugin is now correctly being run. #611
      • Wrong username doesn't return HTTP 500 anymore, but 403. #602
      • JWT: iss not being found doesn't return HTTP 500 anymore, but 403. #578
      • OAuth2: client credentials flow does not include a refresh token anymore. #562
    • ๐Ÿ›  Fix an occasional error when updating a plugin without a config. #571

    Back to TOC