Change8

v3.6.22

📦 traefikView on GitHub →
2 features🐛 11 fixes🔧 12 symbols

Summary

This release focuses heavily on bug fixes across various components including ACME, Kubernetes providers, middlewares (CORS, RequestHeaderModifier), and TLS certificate selection. It also introduces new configuration options for server headers and request size limits.

Migration Steps

  1. Review the migration guide at https://doc.traefik.io/traefik/v3.6/migrate/v3/#v3622 for potential required changes.

✨ New Features

  • Add an option to remove request headers with underscores in the server configuration.
  • Introduce configurable max request header size in the server configuration.

🐛 Bug Fixes

  • Fixed x-forwarded-port in forward-auth middleware.
  • Fixed Host header not being modified by RequestHeaderModifier middleware.
  • Fixed request scheme derivation when Gateway API RequestRedirect omits scheme.
  • Fixed CORS Max-Age being set to 0 by default.
  • Fixed CORS wildcard when allow-credentials is true.
  • Fixed nondeterministic TLS certificate selection on shared SAN.
  • Fixed connection upgrades when backend server is using h2c scheme.
  • Kubernetes EndpointSlice condition changes are now detected.
  • Kubernetes EndpointSlice is now indexed by service name.
  • Kubernetes EndpointSlices are now sorted to keep backend IPs consistent across rebuilds.
  • Ignored other gateways parentRefs and updated route parent statuses only for managed gateways in Gateway API controller.

Affected Symbols