Release Date: October 6, 2022
4.2.7 release of CodeIgniter4
Secure or HttpOnly flag set in ConfigCookie is not reflected in Cookies issued was fixed. See the Security advisory GHSA-745p-r637-7vvp for more information.
Fixed a bug that prevents CSP headers from being sent when
The default values of the parameters in
CodeIgniter\HTTP\Response::setCookie()has been fixed. Now the default values of
null, and these values will be replaced with the
Time::__toString()is now locale-independent. It returns database-compatible strings like ‘2022-09-07 12:00:00’ in any locale.
The Validation rule
Validation\StrictRules\Rule::required_without()parameters have been changed and the logic of these rule has also been fixed.
Fixed typos in some items in
Added missing item
See the repo’s CHANGELOG.md for a complete list of bugs fixed.