Open greenkeeper[bot] opened 7 years ago
Update to this version instead 🚀
This version contains a security fix, which is also breaking change if you have an insecure configuration.
We are releasing this breaking change as patch version to protect you from attacks.
Sorry if this breaks your setup, but the fix is easy.
We removed setting Access-Control-Allow-Origin
to *
be default. This allowed evil websites to access your assets.
Instead we ask you to set Access-Control-Allow-Origin
manually to your host if required in your setup.
Use the headers
option to do so.
middleware(compiler, {
headers: {
"Access-Control-Allow-Origin": "your-host"
}
})
Read more about CORS here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
Access-Control-Allow-Origin
= *
defaultThe new version differs by 10 commits0.
9b03d79
1.10.2
c59b3b3
Merge remote-tracking branch 'remotes/origin/add-node-7-travis'
626a35a
remove security risk
798b2f1
Avoid setting http status code explicitly (#175)
1e01626
adding node 7 to travis config (#185)
d986c2e
Merge pull request #176 from piperchester/patch-1
9b9ffee
fixing some number typos in the tests
d3dfe67
adding node 7 to travis config
0ce28c7
Fix link to Kees
bd6a593
use decodeURIComponent for getFilenameFromUrl final output (#173)
false
See the full diff
Update to this version instead 🚀
mimeTypes
optionThe new version differs by 13 commits.
e264335
1.11.0
a22f69b
updating devDep, server tests for webpack@3s
a9e83b4
chore(package): update peerDependencies
(webpack v3.0.0
) (#200)
9050342
fixes #178: update webpack peer dep
8f41224
resolving review requests from #186
42c2e5d
Use options.log, warn and error for compilation messages (#186)
3833a85
Add a option, mimeTypes, to support defining custom mime types (#150)
ebb1fe5
Make serverSideRendering example work consistently (#196)
26f0b40
Fix webpackDevMiddleware to work with Koa2, a Promise must always be returned (#177)
a02a3cf
silly typo in issue template
cf18395
updating the issue template with more emphasis
23a7509
resolve merge conflict for PR #151 (#187)
ae920f1
fix tests for removed headers
See the full diff
Version 1.10.1 of webpack-dev-middleware just got published.
The version 1.10.1 is not covered by your current version range.
Without accepting this pull request your project will work just like it did before. There might be a bunch of new features, fixes and perf improvements that the maintainers worked on for you though.
I recommend you look into these changes and try to get onto the latest version of webpack-dev-middleware. Given that you have a decent test suite, a passing build is a strong indicator that you can take advantage of these changes by merging the proposed change into your project. Otherwise this branch is a great starting point for you to work on the update.
Release Notes
v1.10.1Commits
The new version differs by 2 commits .
8e870fd
1.10.1
6c1b473
Fix files with non-ascii names not getting served
See the full diff.
Not sure how things should work exactly?
There is a collection of [frequently asked questions](https://greenkeeper.io/faq.html) and of course you may always [ask my humans](https://github.com/greenkeeperio/greenkeeper/issues/new).Your Greenkeeper Bot :palm_tree: