github TykTechnologies/tyk v5.0.4
Tyk Gateway v5.0.4 and Tyk Dashboard v5.0.4
on GitHub

latest releases: v5.3.6-rc3, v5.6.0-rc3, v5.3.6-rc2...
14 months ago

Tyk Gateway 5.0.4 and Tyk Dashboard 5.0.4

Fixed

  • Fixed a bug where python Rich Plugin truncates HTTP headers with same name and returns just the first one. Multiple headers with same name can be supported now.
  • Fixed a bug where gateway logs were not honouring enable_key_logging setting
  • Fixed a bug where Tyk could return HTTP 500 Internal Server Error when load balancing at very high API traffic levels
  • Fixed a bug where URL rewrite failed when the request contains absolute URL as HTTP verb argument
  • Fixed a typo (log-intrumentation) in CLI flag (log-instrumentation) name and comment; thanks to WolfusFlow for the contribution.
  • Fixed a bug where introspection not working for custom root operation types
  • Fixed a bug where UDG was not handling query parameters for REST data source correctly, when parameter was an array
  • Adjusted the description for the Policy states, so that it reflects the actual behaviour of the policy, when attached to a key.
  • Fixed a bug where Tyk might incorrectly apply rounding to 64-bit integer values provided in context. Thanks to @mortymacs for the contribution.

Tyk Dashboard 5.0.4

Fixed

  • Fixed a bug when JWT contains a claim as array and the values containing spaces, those not being parsed correctly
  • When importing/creating and API by providing an API Definition that has Event handlers attached, we now store all the events properly in the definition
  • Fixed a bug when updating, using the Dashboard, an API that has custom event handlers, we now do not clear them anymore.
  • Fixed a bug where it was not possible to configure the rate limiter to count over a shorter period than 60 seconds when set by a partitioned policy.
  • Fixed a bug where keys linked to multiple policies become unusable if one of the policies is removed.
  • Fixed a security bug where the key_id was unnecessarily returned when a hashed key is created for an API using basic auth.
  • Fixed a bug where Dashboard would take too long loading Policies to the Gateway
  • Fixed a potential security issue which allowed search for keys by username; new flag disable_key_actions_by_username added to restrict this
  • Fixed a security bug where node secret could be output in the Removed debug-level logging when authorizing requests.

Changes

  • Added processor to fill the MainStorage with the mongo configs in the root
  • Set dashboard session cookies to be HttpOnly with SameSite: Strict
  • Set classic portal session cookies to be HttpOnly with SameSite: Strict
Check out latest releases or
releases around TykTechnologies/tyk v5.0.4

Don't miss a new tyk release

NewReleases is sending notifications on new releases.

Get notifications