Skip to content

Releases: nelmio/NelmioCorsBundle

2.5.0

24 Jun 21:27
@Seldaek Seldaek
2.5.0
3a526fe
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.5.0 Latest
Latest

What's Changed

  • Added support for Private Network Access #190
  • Fixed default boolean values being overwritten in per-path configs #186
  • Fixed deprecation notice in Symfony 7.1 #200

Full Changelog: 2.4.0...2.5.0

Assets 2
Loading

2.4.0

30 Nov 16:42
@Seldaek Seldaek
2.4.0
78fcdb9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.4.0

What's Changed

  • Added Symfony 7 support (#193)
  • Dropped Symfony 4 support (#193)
  • Added bundle config (#184)

Full Changelog: 2.3.1...2.4.0

Assets 2
Loading

2.3.1

16 Feb 08:50
@Seldaek Seldaek
2.3.1
185d2c0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.3.1

Full Changelog: 2.3.0...2.3.1

Contributors

michalbundyra
Assets 2
Loading

2.3.0

15 Feb 21:55
@Seldaek Seldaek
2.3.0
347fbdc
This commit was signed with the committer’s verified signature.
Seldaek Jordi Boggiano
GPG key ID: 7BBD42C429EC80BC
Learn about vigilant mode.
Compare
Choose a tag to compare
2.3.0
  • Downgraded CacheableResponseVaryListener's priority from 0 to -10 to ensure it runs after FrameworkExtraBundle listeners have set their cache headers (#179)
  • Added optional logging support if you inject a Logger into the CorsListener you can get debug info about the whole CORS decision process (#173)
  • Added support for setting expose_headers to a wildcard '*' which exposes all headers, this works as long as allow_credentials is not enabled as per the spec (#132)
  • Added skip_same_as_origin flag (default to true which is the old behavior) to allow opting out of skipping the CORS headers in the response if the Origin matches the application's hostname (#178)
  • Fixed ProviderMock having an invalid return type (#169)
  • Dropped support for Symfony 4.3 and 5.0 to 5.3
Assets 2
Loading

2.2.0

01 Dec 09:34
@Seldaek Seldaek
2.2.0
0ee5ee3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.2.0
  • Added support for Symfony 6
Assets 2
Loading

2.1.1

20 Apr 08:29
@Seldaek Seldaek
2.1.1
0b964b6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.1
  • Fixed response for unauthorized headers containing a reflected XSS (#163)
Assets 2
Loading

2.1.0

22 Jul 11:44
@Seldaek Seldaek
2.1.0
be4d582
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.0
  • Added Vary: Origin header to cacheable responses to make sure proxies cache them correctly
Assets 2
Loading

2.0.1

15 Nov 08:54
@Seldaek Seldaek
2.0.1
9683e6d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.1
  • Reverted CorsListener priority change as it was interfering with normal operations. The priority is back at 250.
Assets 2
Loading

2.0.0

12 Nov 16:28
@Seldaek Seldaek
2.0.0
5e6eace
This commit was signed with the committer’s verified signature.
Seldaek Jordi Boggiano
GPG key ID: 7BBD42C429EC80BC
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.0
  • BC Break: Downgraded CorsListener priority from 250 to 28, this should not affect anyone but could be a source in case of strange bugs
  • BC Break: Removed support for Symfony <4.3
  • BC Break: Removed support for PHP <7.1
  • Added support for Symfony 5
  • Added support for configuration via env vars
  • Changed the code to avoid mutating the EventDispatcher at runtime
  • Changed the code to avoid returning Access-Control-Allow-Origin: null headers to mark blocked requests
Assets 2
Loading

1.5.6

17 Jun 08:53
@Seldaek Seldaek
1.5.6
10a24c1
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.6
  • Fixed preflight request handler hijacking regular non-CORS OPTIONS requests.
Assets 2
Loading