Releases: hansott/psr7-cookies
Releases · hansott/psr7-cookies
Support psr/http-message 2.0 and drop support PHP 7.0, 7.1
⚡️ Remove unneeded files from git export (and run tests on PHP 8.0)
3.0.2 🏗 Ignore platform reqs for nightly
✨ Allow SameSite=none
✨ Version 3
See #5 (comment)
Adding a cookie to a PSR-7 message is the only thing that this library should do, the other functionality is removed.
How to upgrade?
RequestCookies->$request->getCookieParams()gives you all request cookies in the format you're used to.Signer-> I'm not sure what I should recommend at this point, I'm not an expert at security. That's part of the reason why I'm dropping the sign cookie functionality.ResponseCookies-> Just useSetCookie->addToResponse
Thanks for understanding.
Hans
Add SameSite cookie attribute
2.0.1: 🐛 Cast cookie name to string
Breaking change for security improvement
Although it's not an API change, users should be prepared to see exceptions for signed cookies.
Signed cookies are now signed using the name AND value (previously only the value). This makes sure that a signed cookie cannot be renamed without changing the signature.
Bug fixes
- Make sure cookie names are case insensitive in collections to prevent duplicates (c6b0001)
- Improved exception messages (cd830d5)
- Improved test coverage (3bccfee)
RequestCookies&ResponseCookiesnow directly implementIterator(before throughCookieCollectioninterface), since only 2 downloads, no major/minor change. (c44b4ce)