Released version 2.4.4

• HttpExtension: added option 'csp' for Content-Security-Policy
• Response::setCode() added $reason
• HttpExtension: sends headers via Http\Response

For the details you can have a look at the diff.

Released version 2.4.3

• Http\Response::setCode produces valid HTTP header on nginx (#113)
• SessionSection::removeExpiration() fixed (#111)
• UrlScript: accept optional $scriptPath parameter in constructor (#109)
• UserStorage: removed BROWSER_CLOSED expiration reason #112
• @return self -> static

For the details you can have a look at the diff.

Released version 2.3.8

• Http\Response::setCode produces valid HTTP header on nginx and PHP >= 5.4(#113)
• @return self -> static
• SessionSection::removeExpiration() fixed (#111)
• RequestFactory: improved checking of $_FILES structure

For the details you can have a look at the diff.

Released version 2.4.2

• Session: removed cookie nette-browser and support for expiration 'until the browser is closed' (#103)
• UrlScript: default scriptPath is whole path to maintain same behavioral as the class Url (in method getBasePath, ...) #100
• RequestFactory: parse the "proto" part of "forwarded" header instead of the "scheme" part. (#106)
• IResponse: added missing HTTP response codes (#107)
• Session: make sure __NF is array (#108)
• Session::$options: removed null options

For the details you can have a look at the diff.

Released version 2.4.1

• FileUpload: added hasFile() (#97)
• Url::getHostUrl() doesn't return empty // #96
• Session: max session id length is 256 #105
• Session: used static access to $started (#104)
• FileUpload: missing variable #98
• RequestFactory: improved checking of $_FILES structure

For the details you can have a look at the diff.

Released version 2.4.0

• requires PHP 5.6
• Implemented RFC 7239 - "Forwarded HTTP Extension" (#94)
• Session: fixed error "Session object destruction failed" - update (#86)
• RequestFactory: removes absolute URI from $_SERVER['REQUEST_URI'](issue #91) (#93)
• RequestFactory: correctly detects scheme and port if the server is behind a trusted proxy #81 #4
• IRequest: added OPTIONS and PATCH method constant (#95)
• Response: do not send "Possible problem notice in CLI" #89
• Response::setExpiration() removes header Pragma
• RequestFactory: Fixed possible remoteAddr spoofing (issue #87)
• FileUpload::move() do not suppress system warnings #82
• HttpExtension, SessionExtension: added parameter $cliMode
• Url: implements JsonSerializable nette/latte#78
• HttpExtension: service http.context is deprecated
• Session: use better detection for started session
• uses Nette\SmartObject & StaticClass

For the details you can have a look at the diff.

Released version 2.3.7

• Session: removed duplicated warning about sent headers
• Response::setExpiration() removes header Pragma

For the details you can have a look at the diff.

Released version 2.3.6

• RequestFactory: Fixed possible remoteAddr spoofing (issue #87)
• SessionPanel: ob_start() is protected against flush when error occurs

For the details you can have a look at the diff.

Released version 2.2.10

• RequestFactory: Fixed possible remoteAddr spoofing (issue #87)
• removed rarely used @property phpDoc
• Fix FileUpload::move($dest) when low permission to chmod

For the details you can have a look at the diff.

Released version 2.3.4

• IRequest: added PATCH method constant
• Fix FileUpload::move($dest) when low permission to chmod
• removed rarely used @property phpDoc

For the details you can have a look at the diff.