Skip to content

Releases: nelmio/NelmioCorsBundle

2.4.0

30 Nov 16:42
@Seldaek Seldaek
2.4.0
78fcdb9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.4.0 Latest
Latest

What's Changed

  • Added Symfony 7 support (#193)
  • Dropped Symfony 4 support (#193)
  • Added bundle config (#184)

Full Changelog: 2.3.1...2.4.0

Assets 2

2.3.1

16 Feb 08:50
@Seldaek Seldaek
2.3.1
185d2c0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.3.1

Full Changelog: 2.3.0...2.3.1

Contributors

michalbundyra
Assets 2

2.3.0

15 Feb 21:55
@Seldaek Seldaek
2.3.0
347fbdc
This commit was signed with the committer’s verified signature.
Seldaek Jordi Boggiano
GPG key ID: 7BBD42C429EC80BC
Learn about vigilant mode.
Compare
Choose a tag to compare
2.3.0
  • Downgraded CacheableResponseVaryListener's priority from 0 to -10 to ensure it runs after FrameworkExtraBundle listeners have set their cache headers (#179)
  • Added optional logging support if you inject a Logger into the CorsListener you can get debug info about the whole CORS decision process (#173)
  • Added support for setting expose_headers to a wildcard '*' which exposes all headers, this works as long as allow_credentials is not enabled as per the spec (#132)
  • Added skip_same_as_origin flag (default to true which is the old behavior) to allow opting out of skipping the CORS headers in the response if the Origin matches the application's hostname (#178)
  • Fixed ProviderMock having an invalid return type (#169)
  • Dropped support for Symfony 4.3 and 5.0 to 5.3
Assets 2

2.2.0

01 Dec 09:34
@Seldaek Seldaek
2.2.0
0ee5ee3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.2.0
  • Added support for Symfony 6
Assets 2

2.1.1

20 Apr 08:29
@Seldaek Seldaek
2.1.1
0b964b6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.1
  • Fixed response for unauthorized headers containing a reflected XSS (#163)
Assets 2

2.1.0

22 Jul 11:44
@Seldaek Seldaek
2.1.0
be4d582
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.0
  • Added Vary: Origin header to cacheable responses to make sure proxies cache them correctly
Assets 2

2.0.1

15 Nov 08:54
@Seldaek Seldaek
2.0.1
9683e6d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.1
  • Reverted CorsListener priority change as it was interfering with normal operations. The priority is back at 250.
Assets 2

2.0.0

12 Nov 16:28
@Seldaek Seldaek
2.0.0
5e6eace
This commit was signed with the committer’s verified signature.
Seldaek Jordi Boggiano
GPG key ID: 7BBD42C429EC80BC
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.0
  • BC Break: Downgraded CorsListener priority from 250 to 28, this should not affect anyone but could be a source in case of strange bugs
  • BC Break: Removed support for Symfony <4.3
  • BC Break: Removed support for PHP <7.1
  • Added support for Symfony 5
  • Added support for configuration via env vars
  • Changed the code to avoid mutating the EventDispatcher at runtime
  • Changed the code to avoid returning Access-Control-Allow-Origin: null headers to mark blocked requests
Assets 2

1.5.6

17 Jun 08:53
@Seldaek Seldaek
1.5.6
10a24c1
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.6
  • Fixed preflight request handler hijacking regular non-CORS OPTIONS requests.
Assets 2

1.5.5

27 Feb 13:15
@dunglas dunglas
1.5.5
This tag was signed with the committer’s verified signature.
dunglas Kévin Dunglas
GPG key ID: 4D04EBEF06AAF3A6
Learn about vigilant mode.
adabee9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.5
  • Compatibility with Symfony 4.1
  • Fixed preflight responses to always include Origin in the Vary HTTP header
Assets 2