Roda 3.86.0 Released #369

jeremyevans · 2024-11-12T19:12:48Z

jeremyevans
Nov 12, 2024
Maintainer

Roda 3.86.0 has been released!

A conditional_sessions plugin has been added. This allows you to
only support sessions for a subset of the application's requests.
You pass a block when loading the plugin, and sessions are only
supported if the block returns truthy. The block is evaluated
in request scope.

As an example, if you do not want to support sessions for request
paths starting with /static, you could use:
```
  plugin :conditional_sessions, secret: ENV["SECRET"] do
    !path_info.start_with?('/static')
  end
```
With this example, if the request path starts with /static:
- The request methods session, session_created_at, and
  session_updated_at all raise an exception.
- The request persist_session and route scope clear_session
  methods do nothing and return nil.
Options passed when loading the plugin are passed to the sessions
plugin.
In the content_security_policy plugin, you can now call
response.skip_content_security_policy! to skip the setting of the
response header.
In the permissions_policy plugin, you can now call
response.skip_permissions_policy! to skip the setting of the
response header.

When using the autoload_hash_branches and/or autoload_named_routes
plugins, Roda.freeze now works correctly if the Roda class is
already frozen.

Thanks,
Jeremy