Changelog
​20200213​
Validation for
application/x-www-form-urlencodedencodedformDataparameters​The
proxy-requestactionThe functions
verify-xmldsig()anddecrypt-xml().
Parameter handling of the functions
decrypt()andcalc-signature().
Padding scheme for
encrypt()anddecrypt()to RSAES-OAEP.Relative paths in the
json-doc()function are resolved relative to the flow file's path.
​20200110​
The Swagger extension
x-flat-validateis now also recognized belowpaths/<path>andpaths/<path>/<operation>.The
force-cache-ttlrequest option​
Only allow operations defined in OpenAPI version 2.0 to be used in the
swagger.yaml​
The default value for the
use-http-cacherequest option is now false, even if no request options are configured.Segmentation fault (or double free) when eval is used to assign nodes from a node-set variable to another variable
​20191210​
The functions
apply-codecs(),encrypt(),decrypt(),calc-signature()andverify-signature()​The function
file-exists()​The
$errorvariable is set andexit-on-error/error flowhandling is triggered if a request error occursMore environment variables for system configuration and tuning​
If a path in
swagger.yamlends with/**, this entry matches the given path as well as arbitrary paths below it.
​Swagger validation now gracefully accepts empty objects in the definition.
Logging of template results for more flow actions​
Some alert messages were logged twice
Evaluating an undefined or
nullvariable, as a string, now returns the empty string instead of the stringnullIncorrect default content-type
text/xmlfor request bodiesThe
set-response-headersaction now replacesCache-Controlheaders instead of merging themThe
serveaction now correctly handles whitespace and other URL-Encoded characters in the name of thefallback-doc
​20191018​
Swagger definition supports
discriminator, JSON schema$idreferences and JSON schemapropertyNames​The
array-reverse()andsort(),xml-parse()andhtml-parse()functionsValidation of the
request,requestsandset-response-headersaction JSON bodiesThe expected result in an
assertaction's assertion can now benullThe
logaction, theget-log()function​
The
report-onlyvalidation modes​The
exit-on-error,mockandvalidaterequest options also for XML-configured requestsRelative paths for e.g.
inwithcopyinbackend-flows​
​20190919​
The
$errorvariable containing error information for client request/response validation errorsThe error flow, called if an error occurs, and referenced by
flowinx-flat-errorin the swagger.yamlThe
exit-on-errorrequest option (for JSON-configured requests) to trigger the error flowAn additional parameter
algorithmfor thejwt-decode()function to limit the acceptable signing algorithms. Mandatory for RSASSA based signaturesThe
containsandpatterncompare flags for theassertactionThe
flat testFramework withassert,test-request,backend-flowandset-envactionsThe
json-stringify()andjson-parse()functions
The default
User-Agentfor upstream requests isFLATUnless
terminate="false"is set, theserveaction will terminate the flowFor the
requestaction: values inheadersmay now also be numeric or booleanIf the signature cannot be created, the
jwt-encode()function returns an empty string and an error message is loggedThe
keyfor thejwt-encode()andjwt-decode()functions must not be emptyHTML error page only if HTML is accepted; plain text otherwise
Fatal error when creating requests with
nullquery parameter​Fatal error when creating requests with invalid body source​
Requests are now rejected if upstream validation is enabled, but no
definitionoption is configured or the given definition is not foundThe results of the
split()function can now be used as input forjoin()orfit-serialize()​
