v2.3.0-beta – bugfix nuget release

• Using albacore v3 to build /@haf
• Fixed #616 /@JacobChang
• New YoLo, * [Owin, Cookie] Map.put -> Map.add /@haf
• Updated DotLiquid throughout, fixes #477 #642 /@inosik

Pending for beta.2 is #644 #643

There's a remaining package semver fix needed, it would seem.

v2.2.0

Bugfix/minor fixes release. Minor because you may need to recompile a single function call if you're manually creating cookies (now supports the SameSite flag, thanks @JacobChang)! Also, YoLo is again not auto-opened in the public namespace; if you have started depending on its API, you'll need to copy-paste YoLo or read its README to add it to your own project. (Thanks @haf (me) for this unbreakage)

Should fix issues with .Net core not loading Suave due to an invalid assembly version. Thanks @rmunn for the infrastructure fix.

Suave is now tested on Mono 5 successfully.

This also fixes #626 – by removing the Content-Length header from the WebSocket responses. Thanks @JacobChang

v2.1.1

Suave v2.1.1 release notes

• Bugfix for Suave on .Net Core version specification in subproject-nugets
• application/pdf added to recognised MIME types (@haf)
• Html.fs: add rawText as non-html-escaping alternative to text. Thanks to Ville M.
• Improved documentation, particularly sessions and how Suave's HMAC cryptography works, by @danieljsummers
• CORS module improvements (Access-Control-Expose-Headers) by @alex-bogomaz
• Also thanks to @enricosada for fixing .Net Core building after its breakage!

v2.1.0

Implements partial file request support thanks @simonhdickson

v2.0.5 – security release, .Net Core 1.0.1 support

This release brings with it a security bug fix and support for the latest .Net Core. As such, we strongly recommend upgrading all previous versions of Suave to this version.

.Net Core upgrade

Like always @enricosada has been busy making wonderful improvements to the project. Now, Suave, Suave.Experimental and Suave.DotLiquid all support the latest version of .Net Core.

UTF8 multibyte character handling security fix

The issue was using String.Length to get the length of the number of bytes to write. Because UTF16 (in .Net strings) and the target UTF8 (as output) is a prefix coding that can output multi-byte characters, this could cause strings with UTF8 characters to output beyond the buffer into subsequent buffers.

You can see the change made to fix this bug, as well as a new continuously tested property that the sum of bytes in the UTF8 representation of the string equals the sum of bytes written mod to-be-written/are buffered.

A big thanks goes out to @rmunn for identifying and lending his assistance towards fixing the bug!

/Henrik and Ademar

v2.0.4 – Suave.Testing + Expecto v4.x

This new release of Suave.Testing supports the latest Expecto release.

v2.0.3 – logging improvements

Version 2.0.3

v2.0.2 – Bump of dependencies

With this release, Suave.Testing can be used with Expecto v3.x.

v2.0.1

In this patch release we fixed the following issues:

• Target .NET 4.6 (#559)
• Fix nuget packaging (#557)
• Fix to allow storing any type in the Session state (#564)

Henrik & Ademar

v2.0.0 – Easy living

This release is a culmination of a lot of improvements to stability and functionality of Suave. This release also marks full .Net Core support.

In the order of most recent appearance on master, these are the major features/fixes of v2.0:

• (Suave) Change from port 8083 to 8080 by default.
• (Suave.Experimental) More valid HTML printing with Suave.Experimental.Html
• (Suave) Multipart forms support all of UTF-8. Tested in China.
• (Suave) A new forwards-compatible logging infrastructure using Logary Facade including pretty-printing.
• (Suave.Tests, Suave.Testing) Moved from Fuchu to Expecto
• (Suave[.OWIN]) SignalR supported (websocket support to OWIN)
• (Suave) Better logging of exceptions through the new logging infrastructure
• (Suave[.Authentication]) Session id fixes
• (Suave[.OWIN]) ClaimsPrincipals support
• (Suave) Bugfixes for serving large files under load
• (Suave) Added queryParamOpt and queryFlag to HttpRequest to make it easier to check for flags.
• (Suave[.WebSocket]) Fixes found during load-testing Suave's own WebSocket implementation
• (Suave[.OWIN]) Cookie parsing bugfixes
• (Suave) Adding 306 and 426 status codes
• (Suave[.DotLiquid]) Refactored to be parametised so that it can e.g. render e-mails without writing to Suave's output buffers
• (Suave) all .mk functions have been renamed .create.
• (Suave[.OWIN]) Added working Identity Server example, tested to work with Identity Server
• (Suave[.Files]) Disposing file streams when serving files to avoid locking files
• (Suave) A lot of back and forth with the mono team to make the current master branch of mono work well with Suave (through our testing infrastructure)
• (Suave[.EventSource]) Emitting a preamble – EventSource is a low-tech, stable, cross-browser alternative to WebSockets; for push data.
• (Suave[.Cookies]) Warn if a cookie being set is larger than 4 KiB and will be truncated by browsers
• (Suave[.Cookies]) Allow = in cookie values
• (Suave[.Authentication]) Support deauthenticating
• (Suave) Bugfixes in pathScan for urls with spaces in them
• (Suave) Auto-expanding buffer-manager

Suave v2 has been through a couple of months of release candidates and has been tested in production; so it should be good to go!

Happy requesting,
Henrik & Ademar