Skip to content

Releases: fulll/security-bundle

6.3

26 Jun 07:40
@steven-fulll steven-fulll
6.3
68ccb7d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
6.3 Latest
Latest

What's Changed

New Contributors

Full Changelog: 6.2.4...6.3

Contributors

steven-fulll
Assets 2
Loading

6.2.4

03 Jun 10:55
@omarghamraoui-fulll omarghamraoui-fulll
6.2.4
01d5b1c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
6.2.4

What's Changed

New Contributors

Full Changelog: 6.2.3...6.2.4

Contributors

omarghamraoui-fulll
Loading

6.2.3

21 May 08:51
@fberthereau fberthereau
6.2.3
d96607a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
6.2.3

What's Changed

  • Fix listener to allow request that don't need cors by @fberthereau in #21

Full Changelog: 6.2.2...6.2.3

Contributors

fberthereau
Loading

6.2.2

19 May 12:32
@fberthereau fberthereau
6.2.2
96e41af
This commit was signed with the committer’s verified signature.
fberthereau Florian Berthereau
GPG key ID: B3F062D6215BF80C
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
6.2.2

Fix CorsListener declaration

Full Changelog: 6.2.1...6.2.2

Loading

6.2.1

19 May 12:09
@fberthereau fberthereau
6.2.1
c9f3187
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
6.2.1

What's Changed

Full Changelog: 6.2.0...6.2.1

Contributors

fberthereau
Loading

6.2.0 - Add CORS listener

19 May 09:35
@fberthereau fberthereau
6.2.0
87b8332
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
6.2.0 - Add CORS listener

What's Changed

Full Changelog: 6.1.0...6.2.0

Contributors

Samffy and fberthereau
Loading

6.1.0 - Allow symfony >= 5.4

20 Jun 14:29
@Azoog Azoog
6.1.0
25eebf5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
6.1.0 - Allow symfony >= 5.4

What's Changed

Full Changelog: 6.0.1...6.1.0

Contributors

Azoog
Loading

6.0.1 - Fix signature TTL type hint

28 Feb 14:06
@nio-dtp nio-dtp
6.0.1
112ceae
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
6.0.1 - Fix signature TTL type hint

Fix signature TTL type hint

Full Changelog: 6.0...6.0.1

Loading

6.0 - Symfony security authenticator compatibility

03 Feb 11:08
@Azoog Azoog
6.0
d5842c5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
6.0 - Symfony security authenticator compatibility

⚠️ This version is only available from Symfony 5.4 and PHP 8.0

If you are using an older version, the default branch is the v5 branch for backward compatibility.

Changes in security.yml:

security:
+    # only for sf5
+    enable_authenticator_manager: true

+    providers:
+      # In this new version a provider must be defined to use a custom authenticator.
+      request_signature:
+        id: fulll.request_signature.provider

    firewalls:
        api:
            pattern: ^/api/.*
+            # must be declared explicitly if there are several providers
+            provider: request_signature
            request_signature:
                algorithm: SHA1
                # you can easily ignore this when use functional tests by example
                ignore:    %request_signature.ignore%
                # secret of symfony application or an other one
                secret:    %secret%
                # http://.............?_signature=....
                parameter: _signature
                # Do you want to add a lifetime criteria ? By this way the signature will be transitory
                replay_protection:
                    enabled:   true
                    lifetime:  600
                    parameter: _signature_ttl
Loading

5.4.0 - Handle TTL for signature creation

12 Oct 12:54
@Kevin-koko Kevin-koko
5.4.0
1cbb4da
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
5.4.0 - Handle TTL for signature creation

What's Changed

Full Changelog: 5.3.2...5.4.0

Contributors

Kevin-koko
Loading