.. _version_history_1.13.0:

1.13.0 (January 20, 2020)
==========================



Changes
-------


* **access log**: added ``FILTER_STATE`` :ref:`access log formatters <v1.13:config_access_log_format>` and gRPC access logger.
* **access log**: added ``HOSTNAME``.
* **access log**: added a :ref:`typed JSON logging mode <v1.13:config_access_log_format_dictionaries>` to output access logs in JSON format with
  non-string values.
* **access log**: fixed ``UPSTREAM_LOCAL_ADDRESS`` :ref:`access log formatters <v1.13:config_access_log_format>` to work for http requests.
* **admin**: added the ability to filter :ref:`/config_dump <v1.13:operations_admin_interface_config_dump>`.
* **api**: added ability to specify ``mode`` for :ref:`Pipe <v1.13:envoy_api_field_core.Pipe.mode>`.
* **api**: remove all support for v1.
* **api**: support for the v3 xDS API added. See :ref:`api_supported_versions`.
* **aws_request_signing**: added new alpha HTTP AWS request signing filter.
* **buffer**: remove old implementation.
* **build**: official released binary is now built against libc++.
* **cluster**: added :ref:`aggregate cluster <v1.13:arch_overview_aggregate_cluster>` that allows load balancing between clusters.
* **config**: all category names of internal envoy extensions are prefixed with the 'envoy.' prefix to follow the reverse DNS naming
  notation.
* **decompressor**: remove decompressor hard assert failure and replace with an error flag.
* **ext_authz**: added :ref:`configurable ability <v1.13:envoy_api_field_config.filter.http.ext_authz.v2.ExtAuthz.include_peer_certificate>` to
  send the :ref:`certificate <v1.13:envoy_api_field_service.auth.v2.AttributeContext.Peer.certificate>` to the ``ext_authz``
  service.
* **fault**: fixed an issue where the http fault filter would repeatedly check the percentage of abort/delay when the ``x-envoy-
  downstream-service-cluster`` header was included in the request to ensure that the actual percentage of abort/delay
  matches the configuration of the filter.
* **health check**: added :ref:`TlsOptions <v1.13:envoy_api_msg_core.HealthCheck.TlsOptions>` to allow TLS configuration overrides.
* **health check**: added :ref:`service_name_matcher <v1.13:envoy_api_field_core.HealthCheck.HttpHealthCheck.service_name_matcher>` to better
  compare the service name patterns for health check identity.
* **health check**: gRPC health checker sets the gRPC deadline to the configured timeout duration.
* **http**: added strict validation that ``CONNECT`` is refused as it is not yet implemented. This can be reversed temporarily by
  setting the runtime feature ``envoy.reloadable_features.strict_method_validation`` to false.
* **http**: added support for http1 trailers. To enable use :ref:`enable_trailers
  <v1.13:envoy_api_field_core.Http1ProtocolOptions.enable_trailers>`.
* **http**: added the ability to sanitize headers nominated by the Connection header. This new behavior is guarded by
  ``envoy.reloadable_features.connection_header_sanitization`` which defaults to true.
* **http**: blocks unsupported transfer-encodings. Can be reverted temporarily by setting runtime feature
  ``envoy.reloadable_features.reject_unsupported_transfer_encodings`` to false.
* **http**: support :ref:`auto_host_rewrite_header
  <v1.13:envoy_api_field_config.filter.http.dynamic_forward_proxy.v2alpha.PerRouteConfig.auto_host_rewrite_header>` in the
  dynamic forward proxy.
* **jwt_authn**: added :ref:`allow_missing <v1.13:envoy_api_field_config.filter.http.jwt_authn.v2alpha.JwtRequirement.allow_missing>` option
  that accepts request without token but rejects bad request with bad tokens.
* **jwt_authn**: added :ref:`bypass_cors_preflight
  <v1.13:envoy_api_field_config.filter.http.jwt_authn.v2alpha.JwtAuthentication.bypass_cors_preflight>` to allow bypassing the
  CORS preflight request.
* **lb_subset_config**: new fallback policy for selectors: :ref:`KEYS_SUBSET
  <v1.13:envoy_api_enum_value_Cluster.LbSubsetConfig.LbSubsetSelector.LbSubsetSelectorFallbackPolicy.KEYS_SUBSET>`.
* **listeners**: added :ref:`reuse_port <v1.13:envoy_api_field_Listener.reuse_port>` option.
* **logger**: added :ref:`--log-format-escaped <v1.13:operations_cli>` command line option to escape newline characters in application logs.
* **ratelimit**: added :ref:`local rate limit <v1.13:config_network_filters_local_rate_limit>` network filter.
* **rbac**: added support for matching all subject alt names instead of first in :ref:`principal_name
  <v1.13:envoy_api_field_config.rbac.v2.Principal.Authenticated.principal_name>`.
* **redis**: add :ref:`host_degraded_refresh_threshold
  <v1.13:envoy_api_field_config.cluster.redis.RedisClusterConfig.host_degraded_refresh_threshold>` and
  :ref:`failure_refresh_threshold <v1.13:envoy_api_field_config.cluster.redis.RedisClusterConfig.failure_refresh_threshold>` to
  refresh topology when nodes are degraded or when requests fails.
* **redis**: correctly follow MOVE/ASK redirection for mirrored clusters.
* **redis**: performance improvement for larger split commands by avoiding string copies.
* **router**: added :ref:`auto_sni <v1.13:envoy_api_field_core.UpstreamHttpProtocolOptions.auto_sni>` to support setting SNI to transport
  socket for new upstream connections based on the downstream HTTP host/authority header.
* **router**: added :ref:`request_mirror_policies <v1.13:envoy_api_field_route.RouteAction.request_mirror_policies>` to support sending
  multiple mirrored requests in one route.
* **router**: added histograms to show timeout budget usage to the :ref:`cluster stats <v1.13:config_cluster_manager_cluster_stats>`.
* **router**: added support for :ref:`max_internal_redirects <v1.13:envoy_api_field_route.RouteAction.max_internal_redirects>` for
  configurable maximum internal redirect hops.
* **router**: added support for ``HOSTNAME`` :ref:`header formatter <v1.13:config_http_conn_man_headers_custom_request_headers>`.
* **router**: added support for ``REQ(header-name)`` :ref:`header formatter <v1.13:config_http_conn_man_headers_custom_request_headers>`.
* **router**: added support for percentage-based :ref:`retry budgets
  <v1.13:envoy_api_field_cluster.CircuitBreakers.Thresholds.retry_budget>`.
* **router**: allow using a :ref:`query parameter <v1.13:envoy_api_field_route.RouteAction.HashPolicy.query_parameter>` for HTTP consistent
  hashing.
* **router**: exposed ``DOWNSTREAM_REMOTE_ADDRESS`` as custom HTTP request/response headers.
* **router**: skip the Location header when the response code is not a 201 or a 3xx.
* **router check tool**: added support for testing and marking coverage for routes of runtime fraction 0.
* **server**: added :ref:`workers_started <v1.13:config_listener_manager_stats>` that indicates whether listeners have been fully
  initialized on workers.
* **server**: added the :option:`--disable-extensions` CLI option, to disable extensions at startup.
* **server**: fixed a bug in config validation for configs with runtime layers.
* **tcp_proxy**: added :ref:`ClusterWeight.metadata_match
  <v1.13:envoy_api_field_config.filter.network.tcp_proxy.v2.TcpProxy.WeightedCluster.ClusterWeight.metadata_match>`.
* **tcp_proxy**: added :ref:`hash_policy <v1.13:envoy_api_field_config.filter.network.tcp_proxy.v2.TcpProxy.hash_policy>`.
* **thrift_proxy**: added stats to the router filter.
* **thrift_proxy**: added support for cluster header based routing.
* **tls**: added support for :ref:`generic string matcher
  <v1.13:envoy_api_field_auth.CertificateValidationContext.match_subject_alt_names>` for subject alternative names.
* **tls**: remove TLS 1.0 and 1.1 from client defaults.
* **tracing**: added initial support for AWS X-Ray (local sampling rules only) :ref:`X-Ray Tracing
  <v1.13:envoy_api_msg_config.trace.v2alpha.XRayConfig>`.
* **tracing**: added tags for gRPC request path, authority, content-type and timeout.
* **tracing**: added the ability to set custom tags on both the :ref:`HTTP connection manager
  <v1.13:envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.tracing>` and the :ref:`HTTP
  route <v1.13:envoy_api_field_route.Route.tracing>`.
* **tracing**: added upstream_address tag.
* **udp**: added initial support for :ref:`UDP proxy <v1.13:config_udp_listener_filters_udp_proxy>`.








Deprecated
----------


* **certificates**: The ``verify_subject_alt_name`` field in :ref:`Certificate Validation Context
  <v1.13:envoy_api_field_auth.CertificateValidationContext.verify_subject_alt_name>` has been deprecated in favor of the
  :ref:`match_subject_alt_names <v1.13:envoy_api_field_auth.CertificateValidationContext.match_subject_alt_names>` field.
* **health_checker**: The ``service_name`` field in :ref:`HTTP health checker <v1.13:envoy_api_msg_core.HealthCheck.HttpHealthCheck>` has been
  deprecated in favor of the ``service_name_matcher`` field.
* **router**: The ``request_mirror_policy`` field in :ref:`RouteMatch <v1.13:envoy_api_msg_route.RouteAction>` has been deprecated in favor
  of the ``request_mirror_policies`` field.
* **tracing**: The ``request_headers_for_tags`` field in :ref:`HTTP connection manager
  <v1.13:envoy_api_msg_config.filter.network.http_connection_manager.v2.HttpConnectionManager.Tracing>` has been deprecated in
  favor of the :ref:`custom_tags
  <v1.13:envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.tracing.custom_tags>` field.
* **xds**: The v2 xDS API is deprecated. It will be supported by Envoy until EOY 2020. See :ref:`api_supported_versions`.