I just wanted to quickly summarize the recent changes we made to SEP-8:
1. We added the CORS header support to the requests to the approval server so that web apps on the other domains can hit them cross-domain. See here
2. We added “action_method” and “action_fields” to the “action_required” response so that clients can pass sensitive information outside of the “action_url”. See here
3. We added zero timeout in the “pending” response to handle cases where timeout cannot be determined. See here
4. We added “Transaction Composition” to incorporate CAP-18 so that issuers no longer have to be a co-signer of the accounts holding the regulated asset. See here
5. We added the support of the content type “application/json” to the requests to the approval server to make it easier to integrate with the APIs. See here
Note that some PRs missed resetting the PATCH version number when it bumped the MINOR version number. That wasn’t on purpose.
Let me know if you have any further thoughts about the changes.
Stellar Development Foundation