Releases: wallarm/api-firewall
Release v0.7.2 (2024-04-16)
- Add demo of the APIFW with OWASP CRS
- [API Mode] Fix multiple entries in the related_fields
- [API Mode] Change the log level for the request validation errors
Other upgraded assets:
Release v0.7.1 (2024-04-15)
- [API Mode] Bug fixes
- Update router
- Add support of the content-type suffix
Other upgraded assets:
Release v0.7.0 (2024-04-03)
Release v0.6.17 (2024-03-28)
- Upgrade Go up to 1.21
- [Proxy, API] Add support for subnets in Allow IP list feature
- [Proxy, API] Add IP address validation in Allow IP list feature
- [API] Add new version of DB structure support to the API mode
- [GraphQL] Add APIFW_GRAPHQL_BATCH_QUERY_LIMIT env parameter
Other upgraded assets:
Release v0.6.16 (2024-02-28)
- Add AllowIPList Feature: Restrict access to endpoints by defining a list of allowed IP addresses.
- Fixed the processing issues of the HEAD request type in the api mode
- Improved log messages by adding host and path parameters, providing immediate insight into request destinations. #78
- Adjusted TEXT log formatting to remove multi-line outputs. All log messages in TEXT logging mode are now formatted in a single line, enhancing readability for log parsers. For example, previously, multi-line outputs were consolidated into a single line, replacing occurrences of \r\n with spaces. #79
- Implemented a solution to generate unique request_id values, resolving conflicts caused by the incremental nature of request_id. #80
- Add tests
- Dependency upgrade
Other upgraded assets:
Release v0.6.15 (2023-12-19)
- Dependency upgrade
- Bug fixes
- Add tests
- When operating in the
apimode, the API Firewall now returns error messages in responses for requests containing parameter values that exceed the minimum and maximum limits defined in the OpenAPI specification
Other upgraded assets:
Release v0.6.14 (2023-11-23)
- Introduced new environment variables to limit GraphQL queries:
APIFW_GRAPHQL_MAX_ALIASES_NUMandAPIFW_GRAPHQL_FIELD_DUPLICATION. - Implemented more detailed responses for requests that do not match mounted specifications in the API non-proxy mode.
Other upgraded assets:
Release v0.6.13 (2023-09-08)
Release v0.6.12 (2023-08-08)
-
Ability to set the general API Firewall mode using the APIFW_MODE environment variable. The default value is PROXY. When set to API, you can validate individual API requests based on a provided OpenAPI specification without further proxying.
-
Introduced the ability to allow OPTIONS requests for endpoints specified in the OpenAPI, even if the OPTIONS method is not explicitly defined. This can be achieved using the APIFW_PASS_OPTIONS variable. The default value is false.
-
Introduced a feature that allows control over whether requests should be identified as non-matching the specification if their parameters do not align with those outlined in the OpenAPI specification. It is set to true by default.
-
This can be controlled through the APIFW_SHADOW_API_UNKNOWN_PARAMETERS_DETECTION variable in PROXY mode and via the APIFW_API_MODE_UNKNOWN_PARAMETERS_DETECTION variable in API mode.
-
The new logging level mode TRACE to log incoming requests and API Firewall responses, including their content. This level can be set using the APIFW_LOG_LEVEL environment variable.
-
Dependency updates
-
Bug fixes
Other upgraded assets:
Release v0.6.11 (2023-02-10)
- Add decompression for the request body and response body
- Add APIFW_SERVER_DELETE_ACCEPT_ENCODING env var (possible values are True or False). If the value is True then the Accept-Encoding header will be deleted from proxied requests. The default value is False
- Fix 56 and 57 issues
- Add tests
- Update Dockerfile
Other upgraded assets: