Add support for all functions from the module sys. Note that Cowboy currently does not implement the sys debugging mechanisms as tracing is recommended instead.

Add a max_frame_size option for Websocket handlers to close the connection when the client attempts to send a frame that’s too large. It currently defaults to infinity to avoid breaking existing code but will be changed in a future version.

Update Cowlib to 2.2.1.

Add support for the 308 status code and a test suite for RFC7538 where it is defined.

Ensure timeout options accept the value infinity as documented.

Properly reject HTTP/2 requests with an invalid content-length header instead of simply crashing.

When switching from HTTP/1.1 to Websocket or user protocols all the messages in the mailbox were flushed. Only messages specific to cowboy_http should now be flushed.

Parsing of the x-forwarded-for header has been corrected. It now supports IPv6 addresses both with and without port.

Websocket subprotocol tokens are now parsed in a case insensitive manner, according to the spec.

Cookies without values are now allowed. For example Cookie: foo.

Colons are now allowed within path segments in routes provided to cowboy_router:compile/1 as long as they are not the first character of the path segment.

The cowboy_req:delete_resp_header/2 function will no longer crash when no response header was set before calling it.

A miscount of the output HTTP/2 flow control window has been fixed. It prevented sending the response body fully to some clients. The issue only affected response bodies sent as iolists.