actix-session: v0.4.1

• Session::set_session takes a IntoIterator instead of Iterator. #105
• Fix calls to session.purge() from paths other than the one specified in the cookie. #129

actix-redis: v0.9.2

• Implement std::error::Error for Error #135
• Allow the removal of Max-Age for session-only cookies. #161

actix-web-httpauth: v0.5.1

• Correct error handling when extracting auth details from request. #128

actix-cors: v0.5.4

• Fix expose_any_header method, now set the correct field. #143

actix-cors: v0.5.3

• Fix version spec for derive_more dependency.

actix-cors: v0.5.2

• Ensure tinyvec is using the correct features.
• Bump futures-util minimum version to 0.3.7 to avoid RUSTSEC-2020-0059.

actix-cors: v0.5.1

• Fix allow_any_header method, now set the correct field. #121

actix-cors: v0.5.0

Notes

This release reflects a sort of "beta" period for a 1.0 release. Please open issues for bugs and feedback.

Changes

• Disallow * in Cors::allowed_origin. #114.
• Hide CorsMiddleware from docs. #118.
• CorsFactory is removed. #119
• The impl Default constructor is now overly-restrictive. #119
• Added Cors::permissive() constructor that allows anything. #119
• Adds methods for each property to reset to a permissive state. (allow_any_origin,
  expose_any_header, etc.) #119
• Errors are now propagated with Transform::InitError instead of panicking. #119
• Fixes bug where allowed origin functions are not called if allowed_origins is All. #119
• AllOrSome is no longer public. #119
• Functions used for allowed_origin_fn now receive the Origin HeaderValue as the
  first parameter. #120

actix-cors: v0.4.1

• Allow closures to be used with allowed_origin_fn. #110

actix-cors: v0.4.0

• Implement allowed_origin_fn builder method. #93
• Use TryInto instead of TryFrom where applicable. #106