Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
Other upgraded assets:
Other upgraded assets:
Other upgraded assets:
Other upgraded assets:
Other upgraded assets:
api
mode, the API Firewall now returns error messages in responses for requests containing parameter values that exceed the minimum and maximum limits defined in the OpenAPI specificationOther upgraded assets:
APIFW_GRAPHQL_MAX_ALIASES_NUM
and APIFW_GRAPHQL_FIELD_DUPLICATION
.Other upgraded assets:
Ability to set the general API Firewall mode using the APIFW_MODE environment variable. The default value is PROXY. When set to API, you can validate individual API requests based on a provided OpenAPI specification without further proxying.
Introduced the ability to allow OPTIONS requests for endpoints specified in the OpenAPI, even if the OPTIONS method is not explicitly defined. This can be achieved using the APIFW_PASS_OPTIONS variable. The default value is false.
Introduced a feature that allows control over whether requests should be identified as non-matching the specification if their parameters do not align with those outlined in the OpenAPI specification. It is set to true by default.
This can be controlled through the APIFW_SHADOW_API_UNKNOWN_PARAMETERS_DETECTION variable in PROXY mode and via the APIFW_API_MODE_UNKNOWN_PARAMETERS_DETECTION variable in API mode.
The new logging level mode TRACE to log incoming requests and API Firewall responses, including their content. This level can be set using the APIFW_LOG_LEVEL environment variable.
Dependency updates
Bug fixes
Other upgraded assets:
Other upgraded assets: