Minor Changes
-
#10591
39988ef8e2c4c4888543c973e06d9b9939e4ac95
Thanks @mingjunlu! - Adds a new dev toolbar settings option to change the horizontal placement of the dev toolbar on your screen: bottom left, bottom center, or bottom right. -
#10689
683d51a5eecafbbfbfed3910a3f1fbf0b3531b99
Thanks @ematipico! - Deprecate support for versions of Node.js older thanv18.17.1
for Node.js 18, older thanv20.0.3
for Node.js 20, and the complete Node.js v19 release line.This change is in line with Astro's Node.js support policy.
-
#10678
2e53b5fff6d292b7acdf8c30a6ecf5e5696846a1
Thanks @ematipico! - Adds a new experimental security option to prevent Cross-Site Request Forgery (CSRF) attacks. This feature is available only for pages rendered on demand:import { defineConfig } from 'astro/config'; export default defineConfig({ experimental: { security: { csrfProtection: { origin: true, }, }, }, });
Enabling this setting performs a check that the "origin" header, automatically passed by all modern browsers, matches the URL sent by each
Request
.This experimental "origin" check is executed only for pages rendered on demand, and only for the requests
POST,
PATCH,
DELETEand
PUTwith one of the following
content-type` headers: 'application/x-www-form-urlencoded', 'multipart/form-data', 'text/plain'.It the "origin" header doesn't match the pathname of the request, Astro will return a 403 status code and won't render the page.
-
#10193
440681e7b74511a17b152af0fd6e0e4dc4014025
Thanks @ematipico! - Adds a new i18n routing optionmanual
to allow you to write your own i18n middleware:import { defineConfig } from 'astro/config'; // astro.config.mjs export default defineConfig({ i18n: { locales: ['en', 'fr'], defaultLocale: 'fr', routing: 'manual', }, });
Adding
routing: "manual"
to your i18n config disables Astro's own i18n middleware and provides you with helper functions to write your own:redirectToDefaultLocale
,notFound
, andredirectToFallback
:// middleware.js import { redirectToDefaultLocale } from 'astro:i18n'; export const onRequest = defineMiddleware(async (context, next) => { if (context.url.startsWith('/about')) { return next(); } else { return redirectToDefaultLocale(context, 302); } });
Also adds a
middleware
function that manually creates Astro's i18n middleware. This allows you to extend Astro's i18n routing instead of completely replacing it. Runmiddleware
in combination with your own middleware, using thesequence
utility to determine the order:import { defineMiddleware, sequence } from 'astro:middleware'; import { middleware } from 'astro:i18n'; // Astro's own i18n routing config export const userMiddleware = defineMiddleware(); export const onRequest = sequence( userMiddleware, middleware({ redirectToDefaultLocale: false, prefixDefaultLocale: true, }) );
-
#10671
9e14a78cb05667af9821948c630786f74680090d
Thanks @fshafiee! - Adds thehttpOnly
,sameSite
, andsecure
options when deleting a cookie
Patch Changes
-
#10747
994337c99f84304df1147a14504659439a9a7326
Thanks @lilnasy! - Fixes an issue where functions could not be used as named slots. -
#10750
7e825604ddf90c989537e07939a39dc249343897
Thanks @OliverSpeir! - Fixes a false positive for "Invalidtabindex
on non-interactive element" rule for roleless elements (div
andspan
). -
#10745
d51951ce6278d4b59deed938d65e1cb72b5102df
Thanks @lilnasy! - Fixes an issue where CLI commands could not report the reason for failure before exiting. -
#10661
e2cd7f4291912dadd4a654bc7917856c58a72a97
Thanks @liruifengv! - Fixed errorOverlay theme toggle bug. -
Updated dependencies [
ccafa8d230f65c9302421a0ce0a0adc5824bfd55
,683d51a5eecafbbfbfed3910a3f1fbf0b3531b99
]:- @astrojs/[email protected]
- @astrojs/[email protected]