This repository has been archived by the owner on Apr 23, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 31
/
99-appendix-a.Rmd
17 lines (10 loc) · 3 KB
/
99-appendix-a.Rmd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# (APPENDIX) Appendix {-}
# All Annotations
# Plumber 0.4.0 Migration Guide
Plumber underwent a series of breaking changes as a part of the 0.4.0 release. These changes were made as an attempt to rectify some earlier mistakes and as an attempt to take care of all foreseeable breaking changes for the Plumber package.
There are a number of changes that users should consider when preparing to upgrade to `plumber` 0.4.0.
1. **Plumber no longer accepts external connections by default**. The `host` parameter for the `run()` method now defaults to `127.0.0.1`, meaning that Plumber will only listen for incoming requests from the local machine on which it's running -- not from any other machine on the network. This is done for security reasons so that you don't accidentally expose a Plumber API that you're developing to your entire network. To restore the old behavior in which Plumber listened for connections from any machine on the network, use `$run(host="0.0.0.0")`. Note that if you're deploying to an environment that includes an HTTP proxy (such as the [DigitalOcean](#digitalocean) servers which use nginx), having Plumber listen only on `127.0.0.1` is likely the right default, as your proxy -- not Plumber -- is the one receiving external connections.
2. Plumber no longer sets the `Access-Control-Allow-Origin` HTTP header to `*`. This was previously done for convenience but given the security implications we're reversing this decision. The previous behavior would have allowed web browsers to make requests of your API from other domains using JavaScript if the request used only standard HTTP headers and were a `GET`, `HEAD`, or `POST` request. These requests will no longer work by default. If you wish to allow an endpoint to be accessible from other origins in a web browser, you can use `res$setHeader("Access-Control-Allow-Origin", "*")` in an endpoint or filter.
3. Rather than setting the default port to `8000`, **the port is now randomly selected**. This ensures that a shared server (like RStudio Server) will be able to support multiple people developing Plumber APIs concurrently without them having to manually identify an available port. This can be controlled by specifying the `port` parameter in the `run()` method or by setting the `plumber.port` option.
4. **The object-oriented model for Plumber routers has changed**. If you're calling any of the following methods on your Plumber router, you will need to modify your code to use the newer alternatives: `addFilter`, `addEndpoint`, `addGlobalProcessor`, and `addAssets`. The code around these functions has undergone a major rewrite and some breaking changes have been introduced. These four functions are still supported with a deprecation warning in 0.4.0, but support is only best-effort. Certain parameters on these methods are no longer supported, so you should thoroughly test any Plumber API that leverages any of these methods before deploying version 0.4.0. [Updated documentation](#programmatic-usage) for using Plumber programmatically is now available.
# Citations