v0.11.2
Proxy-Authorization header
When authentication is enabled, you can now use a Proxy-Authorization
header on the requests you are sending to the proxy. This header accepts both Basic
authentication with base64 encoded value and also accepts Bearer
authentication with a JWT token value. In combination with this work, we've also added the ability for disabling Basic authentication with the Hoverfly flag -disable-basic-auth
.
More information on proxy authentication
--https-only
We have added a new flag to both Hoverfly and hoverctl. This flag is --https-only
and will set the Hoverfly proxy to only accept HTTPS requests. Any non HTTPS requests will result in 502 Bad Gateway
responses.
More information on hoverctl commands
Timeout after failed authentication attempts
In an effort to keep Hoverfly secure when authentication is enabled, we have added a timeout that is triggered after three unsuccessful login attempts. After the three attempts, logging in result in a 429 Too Many Requests
and you will have to wait 10 minutes.
More information on proxy authentication
Version bug
Due to the ongoing work to tidy up the public API of the Hoverfly library, a bug was introduced causing our mechanism to update the version number in the library to not correctly up date the version of Hoverfly. This has now been fixed with this release meaning the version number will now be consistent across Hoverfly.
More information on hoverctl commands