3.15.0

Added

• New middleware: Expires

Changed

• The FormatNegotiator middleware is no longer required with other middlewares, since they use the Content-Type header instead the format name.
• ReadResponse opens the stream in read-only mode, to prevent changes in the file content
• FormatNegotiator adds the Content-Type header before the next middleware (and after, if it's missing again)
• The default handler of ErrorHandler supports many formats (images, json, xml, svg, etc)
• Fixed MethodOverride when the two methods (original and new) are the same.

3.14.3

FormatNegotiator:

• Added more formats by default
• Allow to define multiple extensions associated with one format (for example: jpg, jpeg and jpe).

Whoops

• Improved Handler detection with txt, css and js formats

3.14.2

Fixed FileTrait with paths containing escaped chars (spaces, tildes, etc). This affects to ReadResponse and SaveResponse

3.14.1

Bugs and minor improvements:

• Whoops: Ensure all buffers are discarded before outputting whoops (thanks @brad-jones). #32
• Whoops: Fixed php7 support (catch Throwable objects)
• ErrorHandler: Fixed php7 support (catch Throwable objects). Improved the style of the default handler.
• Shutdown: Use a sans-serif font by default.
• Uuid: Included the X-Uuid header in the response.

3.14.0

BasePath

Previous versions provide the basePath option in some middleware pieces (saveResponse, readResponse, languageNegotiator, etc). For simplicity and to avoid repeat code, this option was removed. Now you can use the basePath middleware that provides a path generator to create full paths:

use Psr7Middlewares\Middleware;
use Psr7Middlewares\Middleware\BasePath;

$middlewares = [
    Middleware::basePath('/my-site/public'),

    Middleware::trailinSlash(),

    function ($request, $response, $next) {
        $basePath = BasePath::getBasePath($request); // returns /my-site/public

        $builder = BasePath::getPathBuilder($request);
        $link = $builder('fancy/path'); // generates /my-site/public/fancy/path

        return $next($request, $response);
    }
];

The middleware pieces affected by this change (dropped the basepath option) are:

• LanguageNegotiator
• TrailinSlash
• ReadResponse
• SaveResponse
• ImageTransformer

Storage

Added the ability to use the session data of PhpSession and AuraSession in other middlewares, creating and sharing a subarray in the request attributes. This change affects to Csrf that no longer need to pass $_SESSION array in the constructor.

Automatic injection

Some middleware pieces like Csrf, Honeypot, etc inject automatically the inputs in post forms. This feature is disabled by default, in order to improve the performance. Now you can get a callable in your router to generate automatically these inputs:

$middlewares = [
    Middleware::Honeypot(),
    function ($request, $response, $next) {
        $generator = Middleware\Honeypot::getGenerator($request);

        $inputs = $generator();

       $response->getBody()->write('<form action="/action.php" method="POST">'.$inputs.'<input type="submit"></form>');

        return $next($request, $response);
    }
];

This change affects to the following middlewares:

• Csrf
• Honeypot
• FormTimestamp

You can enable the automatic injection again using the option ->autoInsert(true)

New additions and fixes

• MethodOverride Added ->parameter() option #28
• ReadResponse Added ->continueOnError() option.
• Geolocate New option ->saveInSession() to reuse the same geolocation result in all requests.
• ImageTransformer Added a generator callable to generate the images paths.
• Allow to register new middleware namespaces using Psr7Middlewares\Middleware::registerNamespace($namespace)
• Robots Do not execute the next middleware if the path is "/robots.txt"
• Middleware::create() now accepts a base path as first argument

Internal changes (not should affects)

• Moved some static methods of Psr7Middlewares\Middleware to traits (getAttribute, setAttribute, hasAttribute, createStream)
• Changed some transformers to be more independent

3.13.2

hotfix #26

3.13.1

• Fixed Https middleware to update the port of the url in addition to the scheme. #24 #25 (thanks @adear11)

3.13.0

New middlewares

• AttributeMapper (#22, thanks @wolfy-j)

Improvements

• New static methods BasicAuthentication::getUsername() and DigestAuthentication::getUsername() to get the name of the logged user (#21, thanks @wolfy-j)
• Improved whoops in cli and xml requests, and upgraded to 2.x

Fixes

• Fixed psr-6 implementation in Cache
• Fixed ImageTransformer bug that added Accept-CH header to all responses

3.12.4

Fixed execution order to be compatible with Zend Expressive and Slim. More info #20
This change affects to:

• Gzip
• Minify
• FormatNegotiator
• AccessLog
• Csp
• GoogleAnalytics
• ImageTransformer
• Piwik

3.12.3

FormTimestamp: Fixed input type (hidden instead text)