This release just fixes a problem in @mashroom/mashroom-portal-default-layouts which wasn't published correctly in version 2.7.0

Features

• Portal: It is now possible to configure what should happen if the authentication expires. Until now the strategy was to just reload the current page,
  now you can choose between multiple strategies:

  • stayOnPage
  • reload (Default, same behaviour as before)
  • redirect (redirect to another page)
  • displayDomElement (set display: block on the DOM element with given ID)

  BREAKING CHANGE: Mashroom Portal WebApp plugin properties warnBeforeAuthenticationExpiresSec and autoExtendAuthentication have been removed, instead it expects a configuration like this:

    "authenticationExpiration": {
      "warnBeforeExpirationSec": 60,
      "autoExtend": false,
      "onExpiration": {
        "strategy": "reload"
      }
    },
  

• Session Plugin: Uses now a session cookie (without a maxAge) by default, so, the session can only expire on the server side and not because the cookie expires

• HTTP Proxy: Adds now a proper x-forwarded-host header (if createForwardedForHeaders is set)

Bugfixes

• HTTP Proxy: Added missing createForwardedForHeaders config prop to the JSON schema
• VHost Path Mapper: Replace the location header URL with the relative path if the host matches the frontend host.
  This saves an unnecessary round trip if the protocol does not match the frontend protocol (see #121)
• VHost Path Mapper: Fixed reverse mapping of the location header if the URL is absolute

Features

• Official support for Node 22 added

Bugfixes

• Portal: Fixed detection which App wrote a browser console error
  (the portalAppName will now be set properly in the server log)

New Features

• HTTP Proxy: Added support for transforming the request/response body.
  Proxy interceptors can now return streamTransformers (implementing stream.Transform) that can be used to compress/encrypt the communication to backend servers.
• Improved supply chain safety
  • Disabled all dependency lifecycle scripts by default
  • Generate npm provenance statements when publishing

Bugfixes

• Fixed the problem that remote subscriptions can receive the same message multiple times if subscription patterns overlap

Checkout the changelog for a full list of changes.