View Source Changelog

v3-0-3-2022-03-02
v3.0.3 - 2022-03-02

Released to keep tag integrity, equivalent to v3.0.0

BREAKING CHANGES / Fixes
- Remove allow-credentials when set to false (thanks @AntoineAugusti)
- Don't halt non-CORS OPTIONS requests

v2-0-3-2021-02-06
v2.0.3 - 2021-02-06

Fixes
- Use recent versions of Elixir and Erlang for testing (thanks @anthonator)
- Fix compilation warnings (thanks @thiamsantos)

v2-0-2-2020-02-18
v2.0.2 - 2020-02-18

Fixes
- Fixes an issue where the plug would error when no CORS header was set (thanks @alexeyds)

v2-0-1-2020-01-26
v2.0.1 - 2020-01-26

Enhancements
- Passing a function with arity 2 as origin will pass the conn to the function, allowing configuration based on conn (thanks @billionlaughs).
- You can now pass regexes as part of the list of origins (thanks @gabrielpra1).
Fixes
- Fixes an issue where the request was missing the access-control-request-headers (thanks @zhhz for the initial report and @mfeckie for the fix).

v2-0-0-2018-11-06
v2.0.0 - 2018-11-06

Enhancements
- Instead of sending "null" we don't set the headers at all if the origin doesn't match, as suggested by the CORS draft 7.2. Thanks to @YuLeven for initiating the discussion and @slashmili for fixing it. Since we change the return values I consider this a breaking change and released a new major version.
- You can now set the option send_preflight_response? to false (it's true by default) to stop CorsPlug sending a response to the preflight request. That way the correct headers are set but it's up to you to respond to the request downstream.

v1-5-2-2018-03-19
v1.5.2 - 2018-03-19

Fixes
- Relax version requirements

v1-5-1-2018-03-14
v1.5.1 - 2018-03-14

Fixes
- Send proper return value if Access-Control-Request-Headers is not present. (thanks @shivamMg)

v1-5-0-2017-12-06
v1.5.0 - 2017-12-06

Enhancements
- Allow configuration of origin via function (thanks @mauricioszabo).

v1-4-0-2017-01-13
v1.4.0 - 2017-01-13

Enhancements
- Allows both * as well as specific domains in the origins config, returns the corresponding value (thanks @mustafaturan)
Fixes
- Don't overwrite vary header values with "Origin", instead append it.
- Don't set vary header to empty string if not needed.
- Use Plug.Conn.merge_resp_headers/2

New major release because of the vary header changes, I don't expect this to break anything.

v1-3-0-2017-05-24
v1.3.0 - 2017-05-24

Enhancements
- Allows configuration via app config (see README.md, thanks @TokiTori).

v1-2-1-2017-02-07
v1.2.1 - 2017-02-07

Fixes
- Match for exact origin only (thanks @somlor and @JordanAdams).
- Add Vary to response header (thanks @linjunpop).

v1-2-0-2017-02-07
v1.2.0 - 2017-02-07

Fixes
- Remove cowboy dependency. Plug should be server-agnostic and this plug does not need cowboy. Thanks to @hauleth and @ewitchin for making me aware.

As I changed dependency this is a minor release. I don't anticipate any regressions tho.

v1-1-4-2017-05-24
v1.1.4 - 2017-05-24

Fixes
- Add method parens to suppress Elixir 1.4.0 warnings (thanks @seivan).

v1-1-3-2016-12-24
v1.1.3 - 2016-12-24

Enhancements
- Support regex for origin (thanks @somlor)

v1-1-2-2016-05-08
v1.1.2 - 2016-05-08

Enhancements
- Allow client to set allow-headers by sending request-headers when using a wildcard.

This enhancement is brought to you by @arathunku

v1-1-1-2016-03-11
v1.1.1 - 2016-03-11

Fixes
- Return "null" instead of null when no origin matches.

Many thanks to @somlor for the fix!

v1-1-0-2016-02-10
v1.1.0 - 2016-02-10

Enhancements
- Allow multiple origins. When configuring you can now pass a list for origins (plug: CORSPlug, origin: ~w(example1.com example2.com)).
Fixes
- Access-Control-Expose-Headers now works

Both of these have been brought to you by @jer-k - many thanks!

v1-0-0-2016-01-22
v1.0.0 - 2016-01-22

Fixes
- Don't override headers. Earlier headers would've been overriden by the CORS Plug. Amazing that this hasn't popped up before...

As this makes a backward-incompatible change (no longer overriding headers this is a new major).

v0-1-4-2015-09-24
v0.1.4 - 2015-09-24

Enhancements
- Add Access-Control-Expose-Headers (thanks @jaketrent)

v0-1-3-2015-07-09
v0.1.3 - 2015-07-09

Enhancements
- Add license
- Improve readme (thanks @leighhalliday, @patricksrobertson)
- Simplify travis.yml (thanks @lowks)

v0-1-2-2015-02-12
v0.1.2 - 2015-02-12

Release plug dependency

Next Page → CorsPlug

Settings View Source Changelog

v3-0-3-2022-03-02 v3.0.3 - 2022-03-02

v2-0-3-2021-02-06 v2.0.3 - 2021-02-06

v2-0-2-2020-02-18 v2.0.2 - 2020-02-18

v2-0-1-2020-01-26 v2.0.1 - 2020-01-26

v2-0-0-2018-11-06 v2.0.0 - 2018-11-06

v1-5-2-2018-03-19 v1.5.2 - 2018-03-19

v1-5-1-2018-03-14 v1.5.1 - 2018-03-14

v1-5-0-2017-12-06 v1.5.0 - 2017-12-06

v1-4-0-2017-01-13 v1.4.0 - 2017-01-13

v1-3-0-2017-05-24 v1.3.0 - 2017-05-24

v1-2-1-2017-02-07 v1.2.1 - 2017-02-07

v1-2-0-2017-02-07 v1.2.0 - 2017-02-07

v1-1-4-2017-05-24 v1.1.4 - 2017-05-24

v1-1-3-2016-12-24 v1.1.3 - 2016-12-24

v1-1-2-2016-05-08 v1.1.2 - 2016-05-08

v1-1-1-2016-03-11 v1.1.1 - 2016-03-11

v1-1-0-2016-02-10 v1.1.0 - 2016-02-10

v1-0-0-2016-01-22 v1.0.0 - 2016-01-22

v0-1-4-2015-09-24 v0.1.4 - 2015-09-24

v0-1-3-2015-07-09 v0.1.3 - 2015-07-09

v0-1-2-2015-02-12 v0.1.2 - 2015-02-12