Releases · amphp/http-server · GitHub

01 May 23:06

trowski

3.4.5 Latest

Latest

What's Changed

Fix http/2 ping flood behaviour by @kafkiansky in #386

New Contributors

@kafkiansky made their first contribution in #386

Full Changelog: v3.4.4...v3.4.5

Contributors

kafkiansky

Assets 2

28 Apr 17:19

trowski

2.1.11

What's Changed

Made implicit nullable types explicit to avoid deprecation notice in PHP 8.4

Full Changelog: v2.1.10...v2.1.11

Assets 2

08 Feb 18:32

trowski

3.4.4

What's Changed

Fixed "MadeYouReset" HTTP/2 DoS attack vector described by CVE-2025-8671 and https://kb.cert.org/vuls/id/767506.

Stream reset protection has been refactored to account for the number of reset streams within a sliding time window. Note that your application must expose HTTP/2 connections directly to be affected by this vulnerability. Servers behind a proxy using HTTP/1.x such as nginx are not affected.

Full Changelog: v3.4.3...v3.4.4

Assets 2

08 Feb 23:35

trowski

2.1.10

What's Changed

Fixed "MadeYouReset" HTTP/2 DoS attack vector described by CVE-2025-8671 and https://kb.cert.org/vuls/id/767506.

Stream reset protection has been refactored to account for the number of reset streams within a sliding time window. Note that your application must expose HTTP/2 connections directly to be affected by this vulnerability. Servers behind a proxy using HTTP/1.x such as nginx are not affected.

Full Changelog: v2.1.9...v2.1.10

Assets 2

08 Feb 17:31

trowski

2.1.9

What's Changed

Allowed league/uri@^7.1 in addition to ^6

Full Changelog: v2.1.8...v2.1.9

Assets 2

18 May 15:54

trowski

3.4.3

What's Changed

Avoid hanging requests in case a request body is closed prematurely by @danog in #380
Fix parsing of raw ipv6 address in host header by @luzrain in #378

New Contributors

@danog made their first contribution in #380

Full Changelog: v3.4.2...v3.4.3

Contributors

danog and luzrain

Assets 2

31 Dec 16:36

trowski

3.4.2

What's Changed

Forward Cancellation in ConnectionLimitingServerSocket by @Fneufneu in #377

New Contributors

@Fneufneu made their first contribution in #377

Full Changelog: v3.4.1...v3.4.2

Contributors

Fneufneu

Assets 2

21 Dec 00:59

trowski

3.4.1

What's Changed

Fixed #376, removing calls to deprecated methods in league/uri, dropping support for league/uri@6.x
Fixed #367 and #370 where a pending request could cause the server to hang during shutdown. Pending request reads are now cancelled when shutting down the HTTP/1.1 driver.

Full Changelog: v3.4.0...v3.4.1

Assets 2

15 Dec 17:21

trowski

3.4.0

What's Changed

Fix method property in logger context by @luzrain in #373
Add ExceptionHandler interface and middleware by @trowski in #375
Add _ to host validation by @maximal in #372
Fixed issue #371, suspending the connection or stream timeout until the request handler returns a response.

New Contributors

@luzrain made their first contribution in #373
@maximal made their first contribution in #372

Full Changelog: v3.3.1...v3.4.0

Contributors

maximal, trowski, and luzrain

Assets 2

21 Apr 15:53

trowski

3.3.1

What's Changed

Made implicit nullable types explicit to avoid deprecation notice in PHP 8.4
Typo in README.md by @tncrazvan in #361

New Contributors

@tncrazvan made their first contribution in #361

Full Changelog: v3.3.0...v3.3.1

Contributors

razshare

Assets 2