docs(whats_new.md): CORS middleware (#2979)

* docs(whats_new.md): CORS middleware * docs(whats_new.md): Update to long description of changes, CORS middleware.
gofiber · Apr 25, 2024 · 69f5b6b · 69f5b6b
1 parent 3a0313d
commit 69f5b6b
Showing 1 changed file with 38 additions and 0 deletions.
diff --git a/docs/whats_new.md b/docs/whats_new.md
@@ -101,11 +101,49 @@ We have made several changes to the Fiber app, including:
 ### Generic functions
 
 ### Middleware refactoring
+
+### Updates to CORS Middleware
+
+We've made some changes to the CORS middleware to improve its functionality and flexibility. Here's what's new:
+
+#### New Struct Fields
+- `Config.AllowPrivateNetwork`: This new field is a boolean that allows you to control whether private networks are allowed. This is related to the [Private Network Access (PNA)](https://wicg.github.io/private-network-access/) specification from the Web Incubator Community Group (WICG). When set to `true`, the CORS middleware will allow CORS preflight requests from private networks and respond with the `Access-Control-Allow-Private-Network: true` header. This could be useful in development environments or specific use cases, but should be done with caution due to potential security risks.
+
+#### Updated Struct Fields
+We've updated several fields from a single string (containing comma-separated values) to slices, allowing for more explicit declaration of multiple values. Here are the updated fields:
+
+- `Config.AllowOrigins`: Now accepts a slice of strings, each representing an allowed origin.
+- `Config.AllowMethods`: Now accepts a slice of strings, each representing an allowed method.
+- `Config.AllowHeaders`: Now accepts a slice of strings, each representing an allowed header.
+- `Config.ExposeHeaders`: Now accepts a slice of strings, each representing an exposed header.
+
 #### Session middleware
 #### Filesystem middleware
 ### Monitor middleware
 
 Monitor middleware is now in Contrib package.
 
 ## Migration guide
+
+### CORS Middleware
+
+The CORS middleware has been updated to use slices instead of strings for the `AllowOrigins`, `AllowMethods`, `AllowHeaders`, and `ExposeHeaders` fields. Here's how you can update your code:
+
+```go
+// Before
+app.Use(cors.New(cors.Config{
+  AllowOrigins: "https://example.com,https://example2.com",
+  AllowMethods: strings.Join([]string{fiber.MethodGet, fiber.MethodPost}, ","),
+  AllowHeaders: "Content-Type",
+  ExposeHeaders: "Content-Length",
+}))
+
+// After
+app.Use(cors.New(cors.Config{
+  AllowOrigins: []string{"https://example.com", "https://example2.com"},
+  AllowMethods: []string{fiber.MethodGet, fiber.MethodPost},
+  AllowHeaders: []string{"Content-Type"},
+  ExposeHeaders: []string{"Content-Length"},
+}))
+```
 ...