Releases: symfony/security-http
Releases · symfony/security-http
v7.3.5
Changelog (v7.3.4...v7.3.5)
- bug symfony/symfony#62037 Fix generating logout link with stateless csrf (@pierredup)
Contributors
pierredup
Assets 2
v8.0.0-BETA1
Changelog (v7.3.4...v8.0.0-BETA1)
- feature symfony/symfony#62043 [Security] Allow multiple OIDC discovery endpoints (@ruudk)
- feature symfony/symfony#61949 [HttpFoundation] Deprecate HTTP method override for methods GET, HEAD, CONNECT and TRACE (@nicolas-grekas)
- feature symfony/symfony#60660 [Security] Add security:oidc-token:generate command (@Jean-Beru)
- feature symfony/symfony#61948 [HttpFoundation] Deprecate Request::get() in favor of using properties ->attributes, query or request directly (@nicolas-grekas)
- feature symfony/symfony#61789 [Security] deprecate extending
RememberMeDetailsusing legacy constructor signature (@xabbuh) - feature symfony/symfony#61760 [Security] remove the user FQCN from remember me cookies (@xabbuh)
- feature symfony/symfony#61743 [Security] deprecate the FQCN properties of
PersistentTokenandRememberMeDetails(@xabbuh) - feature symfony/symfony#61694 [Security] Add
$tokenSourceargument to#[IsCsrfTokenValid]to support reading tokens from the query string or headers (@webda2l) - feature symfony/symfony#61654 [Security] Deprecate
PersistentToken::getClass()andRememberMeDetails::getUserFqcn()in order to remove the user FQCN from the remember-me cookie in 8.0 (@nicolas-grekas) - feature symfony/symfony#61542 [Security] Allow subclassing
#[IsGranted](@nicolas-grekas) - feature symfony/symfony#61504 [SecurityHttp] Removes final keyword from IsGranted attribute (@crtl)
- feature symfony/symfony#61359 [Security] Add
$methodssupport to#[IsGranted]to restrict access by HTTP method (@santysisi) - feature symfony/symfony#61204 [Security] Support union type for
#[CurrentUser]attribute (@VincentLanglet) - feature symfony/symfony#61187 Declare new parameters on interfaces and methods explicitly (@nicolas-grekas)
- feature symfony/symfony#61183 [Security] Throw when passing an empty string as $userIdentifier and tighten AuthenticatorManager and OidcTokenHandler arguments (@nicolas-grekas)
- feature symfony/symfony#61011 [Security] Remove deprecated
RememberMeToken::getSecret()(@ktherage) - feature symfony/symfony#60879 [Security] Remove callable firewall listeners support (@MatTheCat)
- feature symfony/symfony#60614 [Security] Deprecate callable firewall listeners (@MatTheCat)
- feature symfony/symfony#60742 [Ldap][Security] Remove deprecated
eraseCredentials()from (User|Token)Interface (@chalasr) - feature symfony/symfony#60697 Enforce return types on all components (@nicolas-grekas)
- feature symfony/symfony#60639 Bump Symfony 8 to PHP >= 8.4 (@nicolas-grekas)
Contributors
ruudk, nicolas-grekas, and 9 other contributors
Assets 2
v7.4.0-BETA1
Changelog (v7.3.4...v7.4.0-BETA1)
- feature symfony/symfony#62043 [Security] Allow multiple OIDC discovery endpoints (@ruudk)
- feature symfony/symfony#61949 [HttpFoundation] Deprecate HTTP method override for methods GET, HEAD, CONNECT and TRACE (@nicolas-grekas)
- feature symfony/symfony#60660 [Security] Add security:oidc-token:generate command (@Jean-Beru)
- feature symfony/symfony#61948 [HttpFoundation] Deprecate Request::get() in favor of using properties ->attributes, query or request directly (@nicolas-grekas)
- feature symfony/symfony#61789 [Security] deprecate extending
RememberMeDetailsusing legacy constructor signature (@xabbuh) - feature symfony/symfony#61743 [Security] deprecate the FQCN properties of
PersistentTokenandRememberMeDetails(@xabbuh) - feature symfony/symfony#61694 [Security] Add
$tokenSourceargument to#[IsCsrfTokenValid]to support reading tokens from the query string or headers (@webda2l) - feature symfony/symfony#61654 [Security] Deprecate
PersistentToken::getClass()andRememberMeDetails::getUserFqcn()in order to remove the user FQCN from the remember-me cookie in 8.0 (@nicolas-grekas) - feature symfony/symfony#61542 [Security] Allow subclassing
#[IsGranted](@nicolas-grekas) - feature symfony/symfony#61504 [SecurityHttp] Removes final keyword from IsGranted attribute (@crtl)
- feature symfony/symfony#61359 [Security] Add
$methodssupport to#[IsGranted]to restrict access by HTTP method (@santysisi) - feature symfony/symfony#61204 [Security] Support union type for
#[CurrentUser]attribute (@VincentLanglet) - feature symfony/symfony#60614 [Security] Deprecate callable firewall listeners (@MatTheCat)
Contributors
ruudk, nicolas-grekas, and 7 other contributors
Assets 2
v7.3.4
Changelog (v7.3.3...v7.3.4)
- bug symfony/symfony#61659 [Security] Fix
HttpUtils::createRequest()when the base request is forwarded (@MatTheCat)
Contributors
MatTheCat
Assets 2
v6.4.26
Changelog (v6.4.25...v6.4.26)
- bug symfony/symfony#61659 [Security] Fix
HttpUtils::createRequest()when the base request is forwarded (@MatTheCat)
Contributors
MatTheCat
Assets 2
v7.3.3
Changelog (v7.3.2...v7.3.3)
- feature symfony/symfony#61486 [Security] Ignore target route when exiting impersonation (@MatTheCat)
Contributors
MatTheCat
Assets 2
v6.4.25
Changelog (v6.4.24...v6.4.25)
- feature symfony/symfony#61486 [Security] Ignore target route when exiting impersonation (@MatTheCat)
Contributors
MatTheCat
Assets 2
v7.3.2
Changelog (v7.3.1...v7.3.2)
- no significant changes
v7.2.9
Changelog (v7.2.8...v7.2.9)
- no significant changes
v6.4.24
Changelog (v6.4.23...v6.4.24)
- no significant changes