Releases: auth0/nextjs-auth0
Releases · auth0/nextjs-auth0
Release list
v1.7.0
Added
- Include message body in 302 responses #564 (michielvangendt)
Fixed
- Honor configured sameSite in transient cookies so you can login to iframe using 'none' #571 (adamjmcgrath)
- Cookies with samesite=none must have the secure attr set #570 (adamjmcgrath)
- Improve types in server-side withPageAuthRequired #554 (misoton665)
v1.6.2
Fixed
- Fix issue where error reporting wrong instanceof #543 (adamjmcgrath)
Security
- Enforce configured host on user supplied returnTo #557 (adamjmcgrath)
v1.6.1
v1.6.0
Added
- SDK-2818 Export error classes #508 (adamjmcgrath)
- SDK-2529 Add ability to pass custom params to refresh grant and code exchange #507 (adamjmcgrath)
- SDK-2813 Add afterRefresh hook #506 (adamjmcgrath)
Fixed
v1.5.0
v1.4.2
Fixed
- Fix reflected XSS from the callback handler's error query parameter CVE-2021-32702 (adamjmcgrath)
v1.4.0
Added
withPageAuthRequiredCSR now addsuserto wrapped component props #405 (adamjmcgrath)
Fixed
- env var substitutions now means you can define
AUTH0_BASE_URLfromVERCEL_URLinnext.config.js#404 (adamjmcgrath)
v1.3.1
Fixed
- Use
window.location.toString()as the defaultreturnTovalue #370 (Widcket) returnToshould be encoded as it contains url unsafe chars #365 (adamjmcgrath)
v1.3.0
Added
- Organizations support #343 (adamjmcgrath)
v1.2.0
Added
- Export
UserContextfor overriding default hook initialisation behaviour #325 (adamjmcgrath)
Fixed