1.5.5

• Compatibility with Symfony 4.1
• Fixed preflight responses to always include Origin in the Vary HTTP header

1.5.4

• Compatibility with Symfony 4

1.5.3

• Fixed regression in 1.5.2

1.5.2

• Fixed bundle initialization in case paths is empty

1.5.1

• Fixed forced_allow_origin_value to always set the header regardless of CORS, so that requests can properly be cached even if they are not always accessed via CORS

1.5.0

• Added an forced_allow_origin_value option to force the value that is returned, in case you cache responses and can not have the allowed origin automatically set to the Origin header
• Fixed Access-Control-Allow-Headers being sent even when it was empty
• Fixed listener priority down to 250 (This may be BREAKING depending on what you do with your own listeners, but should be fine in most cases, just watch out).

1.4.1

• Fixed requirements to allow Symfony3

1.4.0

• Added an origin_regex option to allow defining origins based on regular expressions

1.3.3

• Fixed a security regression in 1.3.2 that allowed GET requests to be executed from any domain

1.3.2

• Remove 403 on non-OPTIONS requests that have an invalid origin header