Cowboy 2.15 fixes a number of security vulnerabilities. It also has a few new options for HTTP/1.1.
Cowboy 2.15 updates Cowlib to 2.16.1. Both applications must be updated as they both contain security fixes.
Cowboy 2.15 requires Erlang/OTP 24.0 or greater.
max_authorization_header_value_length and max_cookie_header_value_length options were added to HTTP/1.1. They allow more fine-grained control over header value lengths.
terminate/3 on abrupt socket close (without a close frame being sent first). This is now fixed. Do note however that the Websocket session process must trap exits to call terminate/3. This was fixed since Cowboy 2.14.1.
Donate to Loïc Hoguin because his work on Cowboy, Ranch, Gun and Erlang.mk is fantastic:
Recurring payment options are also available via GitHub Sponsors. These funds are used to cover the recurring expenses like food, dedicated servers or domain names.