Bump fruitcake/laravel-cors from 1.0.6 to 2.0.0
Created by: dependabot-preview[bot]
Bumps fruitcake/laravel-cors from 1.0.6 to 2.0.0.
Release notes
Sourced from fruitcake/laravel-cors's releases.
v2.0 (2020-05-11)
asm89/stack-cors 2.x is now used, with these notable changes:
Added
- CORS headers are better cachable now, with correct Vary headers (#asm89/stack-cors#70, #asm89/stack-cors#74)
Changed
- CORS headers are added to non-Origin requests when possible (#asm89/stack-cors#73)
- Requests are no longer blocked by the server, only by the browser (#asm89/stack-cors#70)
Add headers with Event Listener
No release notes provided.
Update max_age check, improve tests
No release notes provided.
Update to v2
- Don't block CORS requests in Laravel, leave it to the browser
- Update Vary headers for better caching
- Use static/cacheable headers when possible
Changelog
Sourced from fruitcake/laravel-cors's changelog.
Change Log
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
v2.0 (2020-05-11)
asm89/stack-cors 2.x is now used, with these notable changes:
Added
- CORS headers are better cachable now, with correct Vary headers (#asm89/stack-cors#70, #asm89/stack-cors#74)
Changed
- CORS headers are added to non-Origin requests when possible (#asm89/stack-cors#73)
- Requests are no longer blocked by the server, only by the browser (#asm89/stack-cors#70)
v1.0 (2019-12-27)
Breaking changes
- Adding the middleware on Route groups is no longer supported. You can use the new
paths
option to match your routes- The config file has been changed from
camelCase
tosnake_case
, please update your own config.- The deprecated Lumen ServiceProvider has been removed.
- There is no need to manually configure the
cors
config in Lumen.Added
- The
paths
option is added to match certain routes only, while still using global middleware. This allows for better error handling.v0.11.0 (2017-12-xx)
Breaking changes
- The wildcard matcher is changed. You can use
allowedOriginPatterns
for your own patterns, or simple wildcards in the normal origins. Eg.*.laravel.com
should still work.v0.9.0 (2016-03-2017)
Breaking changes
- The
cors
alias is no longer added by default. Use the full class or add the alias yourself.- The Lumen ServiceProvider has been removed. Both Laravel and Lumen should use
Barryvdh\Cors\ServiceProvider::class
.Barryvdh\Cors\Stack\CorsService
moves to\Barryvdh\Cors\CorsService
(namespace changed).Barryvdh\Cors@addActualRequestHeaders
will automatically attached when Exception occured.Added
- Better error-handling when exceptions occur.
- A lot of tests, also on older Laravel versions.
Commits
-
8cc9f7e
Update readme.md -
5f5e584
Update changelog.md -
7dcfb1a
Clarify patterns -
dbb02ec
Clarify config -
138be6e
[2.x] Add event listener (#450) -
b50ffb7
Check error states -
8ab3eef
Merge branch 'master' of github.com:fruitcake/laravel-cors -
b9a342a
Update cors-not-working.md -
a955680
Clarify update -
22065b5
Update badge - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language -
@dependabot badge me
will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot dashboard:
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)