servant/servant-server/CHANGELOG.md
Andres Loeh a551eb62e2 Do the accept check before the body check.
This is a reasonably simple attempt at fixing #460.
By moving the accept check to a place before the body check,
we can make it recoverable (the body check is irreversible,
so everything done after the body check has to fail fatally).

The advantage is that we can now specify routes offering
different content types modularly. Failure to match one
is not fatal, and will result in subsequent routes being
tried.

The disadvantage is that we hereby bump the error priority
of the 406 status code. If a request contains a bad accept
header and a bad body, we now get 406 rather than 400. This
deviates from the HTTP decision diagram we try to follow,
but seems like an acceptable compromise for now.
2016-04-15 10:54:22 +02:00

3.3 KiB

0.7

  • The Router type has been changed. Static router tables should now be properly shared between requests, drastically increasing the number of situations where servers will be able to route requests efficiently. Functions layout and layoutWithContext have been added to visualize the router layout for debugging purposes. Test cases for expected router layouts have been added.
  • If an endpoint is discovered to have a non-matching "accept header", this is now a recoverable rather than a fatal failure, allowing different endpoints for the same route, but with different content types to be specified modularly.
  • Export throwError from module Servant
  • Add Handler type synonym

0.6.1

  • If servers use the BasicAuth combinator and receive requests with missing or invalid credentials, the resulting error responses (401 and 403) could be overwritten by subsequent alternative routes. Now BasicAuth uses FailFatal and the error responses can't be overwritten anymore.

0.6

  • Query parameters that can't be parsed result in a 400 (was 404).

0.5

  • Add Config machinery (https://github.com/haskell-servant/servant/pull/327). This is a breaking change, as the signatures of both route, serve and the typeclass HasServer now take an additional parameter.
  • Support for the HttpVersion, IsSecure, RemoteHost and Vault combinators
  • Drop EitherT in favor of ExceptT
  • Use http-api-data instead of Servant.Common.Text
  • Remove matrix params.
  • Remove RouteMismatch.
  • Redefined constructors of RouteResult.
  • Added Delayed and related functions (addMethodCheck, addAcceptCheck, addBodyCheck, runDelayed)
  • Added support for Basic Authentication
  • Add generalized authentication support via the AuthServerData type family and AuthHandler handler

0.4.1

  • Bump attoparsec upper bound to < 0.14
  • Bump wai-app-static upper bound to < 3.2
  • Bump either upper bound to < 4.5

0.4

0.2.4

0.2.3