npm webpack-dev-middleware 1.10.2
on Node.js NPM

latest releases: 7.2.1, 7.2.0, 6.1.3...
7 years ago

Security fix:

This version contains a security fix, which is also breaking change if you have an insecure configuration.
We are releasing this breaking change as patch version to protect you from attacks.
Sorry if this breaks your setup, but the fix is easy.

We removed setting Access-Control-Allow-Origin to * be default. This allowed evil websites to access your assets.
Instead we ask you to set Access-Control-Allow-Origin manually to your host if required in your setup.
Use the headers option to do so. 

middleware(compiler, {
    headers: {
        "Access-Control-Allow-Origin": "your-host"
    }
})

Read more about CORS here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

Bugfixes:

  • Remove Access-Control-Allow-Origin = * default
Check out latest releases or
releases around webpack-dev-middleware 1.10.2

Don't miss a new webpack-dev-middleware release

NewReleases is sending notifications on new releases.

Get notifications