Skip to content

0.81.0

Compare
Choose a tag to compare
@vixentael vixentael released this 06 Jul 12:59
· 565 commits to stable since this release

Core:

  • Prepared Statements

    • Added support of prepared statements for PostgreSQL/MySQL. Both binary and text response formats are supported (#192).
  • SQL requests filtering in AcraCensor

    AcraCensor got smarter in preventing SQL Injections.

    • Improved flexibility for parsing queries. If AcraCensor can't parse an SQL query, it is considered as potentially too dangerous to send it to the database, so AcraCensor blocks such "unparseable" queries by default.
      However, setting the configuration flag ignore_parse_error to true will make AcraCensor ignore the "unparseable" quality of queries and send them to the database anyway. Check out the configuration example in configs/acra-censor.example.yaml (#194).

    • Added support of complex JOIN queries (#191).

    • Improved reading/writing QueryCapture log file. Now AcraCensor uses bufferisation before writing queries into a log file.
      Changed format of QueryCapture log to JSON Line (each query sits in a separate line in a log file instead of having an array of JSON objects) (#193).

    • Introduced a few fixes here and there, made integration tests for AcraCensor more stable (#184).

  • Improving MySQL support

    We introduced MySQL support just a few Acra releases ago and we continue polishing it. Now we've updated the example projects so you can jump right into the code!

    Take a look at how to use Acra for both PostreSQL and MySQL databases in these examples:

  • Other

    • Updated handling of message formats for PostgreSQL and MySQL protocols (#186).

    • Improved logging in CEF and JSON formats for high load systems (#195).

    • Added comprehensive Readme to every project in /examples folder (#196).

    • Added pre-generated configuration file for AcraAuthmanager. Now it's easier to configure AcraServer using AcraWebconfig (#187).

Documentation: