caddy/dist/CHANGES.txt

CHANGES

0.10.10 (October 9, 2017)

• Built with Go 1.9.1
• Removed Caddy-Sponsors header
• New 'on' directive that deprecates 'startup' and 'shutdown'
• Changed CASE_SENSITIVE_PATH default to false
• fastcgi: Support for SRV upstreams
• redir: Rules with if statements are not checked for duplicates
• Several minor bug fixes

0.10.9 (September 12, 2017)

• EULA bundled with official binaries
• Caddy-Sponsors header to indicate personal-use license
• proxy: Support for QUIC backends
• templates: Write proper status code if proxied
• tls: Fix bug related to cert renewals

0.10.8 (September 8, 2017)

• NACL compilation support
• Merge multiple consecutive slashes when comparing paths
• A few other bug fixes

0.10.7 (August 25, 2017)

• Built with Go 1.9
• New 3rd-party plugin directives: jekyll, awses, forwardproxy
• Different exit codes
• Plan 9 support
• Graceful binary upgrades with SIGUSR2
• internal: Support X-Accel-Redir without paths to protect
• templates: Can execute templates loaded by other middleware
• A few really good bug fixes

0.10.6 (July 28, 2017)

• fastcgi: Fix runtime error for 32-bit and ARM architectures

0.10.5 (July 27, 2017)

• Renamed requestid directive to request_id
• Set default idle timeout of 5 minutes
• New 3rd-party plugin directives: cache, nobots, webdav
• New Unix timestamp placeholder {when_unix}
• Improved MITM detection on iOS clients
• errors, log: Fix log rolling parsing
• gzip: Convert any ETag header to weak etag
• fastcgi: Reverted persistent connections (issue #1736)
• proxy: Added header loaded balancing policy
• proxy: Fix hang on chunked WebSockets (e.g. with HomeAssistant)
• Several other bug fixes and minor internal improvements

0.10.4 (June 28, 2017)

• Vendor all dependencies
• Improve MITM detection, add experimental Tor browser support
• New requestid directive to add request IDs to each request
• New HTTP plugins supported: authz, grpc, gopkg, reauth, restic
• browse: Refreshed default UI and added symlink indicators
• errors, log: Added rotate_compress directive to compress rolled logs
• markdown: Template files loaded at each request instead of just once
• proxy: Allow multiple Server header fields on downstream response
• proxy: Perform health checks by body substring
• rewrite,redir: Added 'not_starts_with' and 'not_ends_with' operators
• tls: New ca subdirective to specify CA endpoint per-site
• Several bug fixes

0.10.3 (May 19, 2017)

• Replace 'maxrequestbody' directive with 'limits' directive
• proxy: Configurable port for health check
• proxy: New load balance policy: uri_hash
• templates: Renamed .Push context action to .AddLink
• tls: Allow narrower certificate renewal window at startup (#1680)
• tls: Prefer ChaCha20 if hardware does not have AES-NI

0.10.2 (May 2, 2017)

• Hot fix for rule paths of "/" so that they match every request
• fastcgi: Match request paths that don't start with "/" even if rule does

0.10.1 (May 1, 2017)

• Reduced memory usage for gzip, templates, and MITM detection
• Fixed automatic HTTP->HTTPS redirects for sites with wildcard labels
• proxy: Fix 'without' subdirective
• A few other minor bug fixes and improvements

0.10 (April 20, 2017)

• Built on Go 1.8.1
• HTTPS interception detection
• Updated QUIC
• SIGUSR1 (reload) now works with QUIC servers
• New 'push' directive for HTTP/2 server push
• New 'index' directive to change the names of index files
• New -http-port and -https-port flags to change protocol ports
• New -disable-http-challenge and -disable-tls-sni-challenge flags
• New event hook plugin type
• New listener middleware plugin type
• New placeholders for cookie, query, and rewritten URI values
• basicauth: Ability to customize realm
• browse: Default template now sorts by name with directories first
• errors, log: Roll all logs by default
• errors, log: Ability to write to remote syslog
• errors, log: Standardized, simplified directive syntax
• log: Patched common log format by adding missing "-"
• proxy: New 'max_conns' setting to limit connections to upstreams
• proxy: New 'first' load balancing policy for first available host
• proxy: Health checks respect Host and insecure_skip_verify settings
• templates: New .RandomString action to add random padding to page
• timeouts: Disabled default HTTP timeouts
• tls: Settings now apply per-site rather than for entire listener
• tls: New 'alpn' setting to disable either HTTP/2 or HTTP/1.1 on per-site basis
• tls: Added curve X25519
• tls: Added ChaCha20-Poly1305 cipher suites
• tls: Renamed muststaple to must_staple
• tls: Setting max_certs obtains certs during handshakes for all hostnames
• Dozens of miscellaneous bug fixes and improvements
• New website
• New build infrastructure
• New deployment system

0.9.5 (January 24, 2017)

• New -validate flag to only check a Caddyfile, then exit
• New {when_iso} placeholder for timestamp ISO 8601 in UTC
• New {rewrite_path} and {rewrite_path_escaped} placeholders
• New 'timeouts' directive to configure or disable HTTP timeouts
• HTTP-level timeouts enabled by default
• basicauth: Authorization header stripped upon successful login
• browse: Added textbox to filter listing in default template
• browse: Sanitize file names and links in default template
• browse: Ensure active Caddyfile is hidden regardless of cwd
• fastcgi: New 'root' property, mainly for use with containers
• markdown: Apply some front matter fields as tags
• proxy: Fixed HTTP/2 upstream to backend; honors -http CLI flag
• proxy: Fixed websockets over HTTPS
• proxy: Reduced memory usage and improved performance
• proxy: Added support for HTTP trailers
• tls: Fixed deadlock that affected some background renewals
• Several other smaller bugs squashed and improvements made

0.9.4 (December 21, 2016)

• Updated QUIC
• New maxrequestbody directive to limit size of request body
• New {latency_ms} placeholder for latency always in ms
• Serve statically compressed .gz and .br files
• fastcgi: Support for multiple backends with basic load balancing
• proxy: Fixed handling of encoded 'without' paths
• proxy: Preserve trailing slash if present in request
• proxy: Fix HTTP/2 upstreams
• templates: New .Files action to list files in a directory
• templates: .Include can now pass arguments to included file
• tls: Added ability to customize preferred curves
• tls: Added support for Must-Staple on managed certificates
• tls: Fixed subtle edge case bug with TLS-SNI challenge
• Lots of minor fixes and improvements

0.9.3 (September 28, 2016)

• Updated QUIC to newer version
• import: Glob pattern matching 0 files is no longer an error
• fastcgi: Fixed persistent connections (disabled by default)
• fastcgi: Configurable connection pool size parameter
• proxy: Improved failover load balancing logic
• proxy: Avoids duplicating header fields that would be confusing
• proxy: New try_duration and try_interval parameters
• proxy: Fix for IP hash policy when downed hosts come back up
• Several other bug fixes and new tests

0.9.2 (September 20, 2016)

• New -catimeout option to customize ACME CA HTTP timeout
• import: Fix nested import absolute/relative paths
• log: Fix multiple log outputs
• proxy: Fix for keepalive in certain cases
• tls: Fix for PreferServerCipherSuites
• Numerous other bug fixes and internal improvements

0.9.1 (August 17, 2016)

• New {request_body} placeholder to log request body
• {remote} placeholder no longer uses X-Forwarded-For header
• {latency} placeholder rounds to nice looking number
• Add support for ratelimit plugin
• basicauth: Declaring realm named "Restricted"
• errors: Define catch-all/default error page with * character
• header: More control to add, set, or remove headers
• proxy: New keepalive setting to help accommodate busy servers
• proxy: New load balancing policy ip_hash
• proxy: Fixed WebSocket connections
• proxy: Fixed broken header logic
• proxy: Reuse existing connection for Upgrade requests
• proxy: Support for basic auth from header or upstream address
• templates: New .Env action to access environment variables
• tls: OCSP staples persisted to disk
• tls: ACME challenges honor bind directive
• tls: Fix default protocol version (minimum TLS 1.1)
• tls: Consume challenge requests only for names Caddy is solving for
• tls: The protocol syntax allows just one value if desired
• tls: Scoped max_certs limit to site instead of global maximum
• Many other bug fixes and minor enhancements

0.9 (July 18, 2016)

• New core
• New experimental QUIC support with -quic flag (HTTPS only)
• New -type option to specify other server types
• Moved ~/.caddy/letsencrypt to ~/.caddy/acme and reorganized assets
• Moved caddy package to top level folder, and pushed main to subfolder
• New {request} placeholder to dump entire request (without body)
• New {hostonly} placeholder for only hostname portion of host value
• Site addresses can have paths
• Site addresses can make some use of wildcards in domains
• Renamed -directives flag to -plugins
• Restarting no longer requires spawning a new process
• Removed -restart option
• fastcgi: Env variables now support placeholders
• import: Import paths now relative to Caddyfile, not current working dir
• markdown: Overhauled; removed site generation features
• proxy: More control of headers; deprecating proxy_header subdirective
• proxy: Specify multiple upstreams with optional port ranges
• proxy: New preset 'transparent' to simplify common pass-thru headers
• proxy: Chooses longest matching path; order declared is irrelevant
• redir: Added if and if_op subdirectives to make conditional redirects
• rewrite: Support for if_op to change how conditions are evaluated
• tls: Generate self-signed certificates in memory
• tls: Support for ACME DNS challenge with 10 providers
• tls: Support for TLS-SNI challenge during restarts
• Various bug fixes and enhancements

0.8.3 (April 26, 2016)

• Built with Go 1.6.2
• New pprof middleware for exposing process profiling endpoints
• New expvar middleware for exposing memory/GC performance
• New -restart option to force in-process restarts on Unix systems
• Only fail to start if managed certificate is expired (issue #642)
• Toggle case-sensitive path matching with environment variable
• File server now adds ETag header for static files
• browse: Replace .LinkedPath action with .BreadcrumbMap
• fastcgi: New except clause to exclude paths
• proxy: New max_conns setting to limit max connections per upstream
• proxy: New replaceable value for name of upstream host
• templates: New utility actions for dealing with strings
• tls: Customize certificate key with key_type (+ECC)
• tls: Session ticket keys are now rotated
• Many other minor internal improvements and bug fixes

0.8.2 (February 25, 2016)

• On-demand TLS can obtain certificates during handshakes
• Built with Go 1.6
• Process log (-log) is rotated when it gets large
• Managed certificates get renewed 30 days early instead of just 14
• fastcgi: Allow scheme prefix before address
• markdown: Support for definition lists
• proxy: Allow proxy to insecure HTTPS backends
• proxy: Support proxy to unix socket
• rewrite: Status code can be 2xx or 4xx
• templates: New .Markdown action to interpret included file as Markdown
• templates: .Truncate now truncates from end of string when length is negative
• tls: Set hard limit for certificates obtained with on-demand TLS
• tls: Load certificates from directory
• tls: Add SHA384 cipher suites
• Multiple bug fixes and internal changes

0.8.1 (January 12, 2016)

• Improved OCSP stapling
• Better graceful reload when new hosts need certificates from Let's Encrypt
• Current pidfile is now deleted when Caddy exits
• browse: New default template
• gzip: Added min_length setting
• import: Support for glob patterns (*) to import multiple files
• rewrite: New complex rules with conditions, regex captures, and status code
• tls: Removed DES ciphers from default cipher suite list
• tls: All supported certificates are OCSP-stapled
• tls: Allow custom configuration without specifying certificate and key
• tls: No longer allow HTTPS over port 80
• Dozens of bug fixes, improvements, and more tests across the board

0.8 (December 4, 2015)

• HTTPS by default via Let's Encrypt (certs & keys are fully managed)
• Graceful restarts (on POSIX-compliant systems)
• Major internal refactoring to allow use of Caddy as library
• New directive 'mime' to customize Content-Type based on file extension
• New -accept flag to accept Let's Encrypt SA without prompt
• New -email flag to customize default email used for ACME transactions
• New -ca flag to customize ACME CA server URL
• New -revoke flag to revoke a certificate
• New -log flag to enable process log
• New -pidfile flag to enable writing pidfile
• New -grace flag to customize the graceful shutdown timeout
• New support for SIGHUP, SIGTERM, and SIGQUIT signals
• browse: Render filenames with multiple whitespace properly
• core: Use environment variables in Caddyfile
• markdown: Include Last-Modified header in response
• markdown: Render tables, strikethrough, and fenced code blocks
• proxy: Ability to exclude/ignore paths from proxying
• startup, shutdown: Better Windows support
• templates: Bug fix for .Host when port is absent
• templates: Include Last-Modified header in response
• templates: Support for custom delimiters
• tls: For non-local hosts, default port is now 443 unless specified
• tls: Force-disable HTTPS
• tls: Specify Let's Encrypt email address
• Many, many more tests and numerous bug fixes and improvements

0.7.6 (September 28, 2015)

• Pass in simple Caddyfile as command line arguments
• basicauth: Support for legacy htpasswd files
• browse: JSON response with file listing
• core: Caddyfile as command line argument
• errors: Can write full stack trace to HTTP response for debugging
• errors, log: Roll log files after certain size or age
• proxy: Fix for 32-bit architectures
• rewrite: Better compatibility with fastcgi and PHP apps
• templates: Added .StripExt and .StripHTML methods
• Internal improvements and minor bug fixes

0.7.5 (August 5, 2015)

• core: All listeners bind to 0.0.0.0 unless 'bind' directive is used
• fastcgi: Set HTTPS env variable if connection is secure
• log: Output to system log (except Windows)
• markdown: Added dev command to disable caching during development
• markdown: Fixed error reporting during initial site generation
• markdown: Fixed crash if path does not exist when server starts
• markdown: Fixed site generation and link indexing when files change
• templates: Added .NowDate for use in date-related functions
• Several bug fixes related to startup and shutdown functions

0.7.4 (July 30, 2015)

• browse: Sorting preference persisted in cookie
• browse: Added index.txt and default.txt to list of default files
• browse: Template files may now use Caddy template actions
• markdown: Template files may now use Caddy template actions
• markdown: Several bug fixes, especially for large and empty Markdown files
• markdown: Generate index pages to link to markdown pages (sitegen only)
• markdown: Flatten structure of front matter, changed template variables
• redir: Can use variables (placeholders) like log formats can
• redir: Catch-all redirects no longer preserve path; use {uri} instead
• redir: Syntax supports redirect tables by opening a block
• templates: Renamed .Date to .Now and added .Truncate, .Replace actions
• Other minor internal improvements and more tests

0.7.3 (July 15, 2015)

• errors: Error log now shows timestamp with each entry
• gzip: Fixed; Default filtering is by extension; removed MIME type filter
• import: Fixed; works inside and outside server blocks
• redir: Query string preserved on catch-all redirects
• templates: Proper 403 or 404 errors for restricted or missing files

0.7.2 (July 1, 2015)

• Custom builds through caddyserver.com - extend Caddy by writing addons
• browse: Sort by clicking column heading or using query string
• core: Serving hostname that doesn't resolve issues warning then listens on 0.0.0.0
• errors: Missing error page during parse time is warning, not error
• ext: Extension only appended if request path does not end in /
• fastcgi: Fix for backend responding without status text
• fastcgi: Fix PATH_TRANSLATED when PATH_INFO is empty (RFC 3875)
• git: Removed from core (available as add-on)
• gzip: Enable by file path and/or extension
• gzip: Customize compression level
• log: Fix for missing status in log entry when error unhandled
• proxy: Strip prefix from path for proxy to path
• redir: Meta tag redirects
• templates: Support for nested includes
• Internal improvements and more tests

0.7.1 (June 2, 2015)

• basicauth: Patched timing vulnerability
• proxy: Support for WebSocket backends
• tls: Client authentication

0.7 (May 25, 2015)

• New directive 'internal' to protect resources with X-Accel-Redirect
• New -version flag to show program name and version
• core: Fixed escaped backslash characters inside quoted strings
• core: Fixed parsing Caddyfile for IPv6 addresses missing ports
• core: A notice is shown when non-local address resolves to loopback interface
• core: Warns if file descriptor limit is too low for production site (Mac/Linux)
• fastcgi: Support for Unix sockets
• git: Fixed issue that prevented pulling at designated interval
• header: Remove a header field by prefixing field name with "-"
• markdown: Simple static site generation
• markdown: Support for metadata ("front matter") at beginning of files
• rewrite: Experimental support for regular expressions
• tls: Customize cipher suites and protocols
• tls: Removed RC4 ciphers
• Other internal improvements that are not user-facing (more tests, etc.)

0.6 (May 7, 2015)

• New directive 'git' to automatically pull changes
• New directive 'bind' to override host server binds to
• New -root flag to specify root path to default site
• Ability to receive config data piped through stdin
• core: Warning if root directory doesn't exist at startup
• core: Entire process dies if any server fails to start
• gzip: Fixed Content-Length value when proxying requests
• errors: Error log now includes file and line number of panics
• fastcgi: Pass custom environment variables
• fastcgi: Support for HEAD, OPTIONS, PUT, PATCH, and DELETE methods
• fastcgi: Fixed SERVER_SOFTWARE variables
• markdown: Support for index files when URL points to a directory
• proxy: Load balancing with multiple backends, health checks, failovers, and multiple policies
• proxy: Add custom headers
• startup/shutdown: Run command in background with '&' at end
• templates: Added .tpl and .tmpl as default extensions
• templates: Support for index files when URL points to a directory
• templates: Changed .RemoteAddr to .IP and stripped out remote port
• tls: TLS disabled (with warning) for servers that are explicitly http://
• websocket: Fixed SERVER_SOFTWARE and GATEWAY_INTERFACE variables
• Many internal improvements

0.5.1 (April 30, 2015)

• Default host is now 0.0.0.0 (wildcard)
• New -host and -port flags to override default host and port
• core: Support for binding to 0.0.0.0
• core: Graceful error handling during heavy load; proper error responses
• errors: Fixed file path handling
• errors: Fixed panic due to nil log file
• fastcgi: Support for index files
• fastcgi: Fix for handling errors that come from responder

0.5 (April 28, 2015)

• Initial release