Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

connect

Package Overview
Dependencies
Maintainers
0
Versions
234
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

connect - npm Package Compare versions

Comparing version 0.5.9 to 0.5.10

4

._index.js

@@ -1,4 +0,4 @@

Mac OS X  2��ATTR>����"�"com.macromates.caret{
column = 42;
Mac OS X  2��ATTRVʱ��"�"com.macromates.caret{
column = 39;
line = 1;
}

@@ -1,4 +0,4 @@

Mac OS X  2��ATTR>����"�"com.macromates.caret{
column = 19;
line = 4;
Mac OS X  2��ATTRVʶ��"�"com.macromates.caret{
column = 35;
line = 7;
}

@@ -1,4 +0,4 @@

Mac OS X  2��ATTR>����#�#com.macromates.caret{
Mac OS X  2��ATTRVʺ��#�#com.macromates.caret{
column = 23;
line = 11;
}

@@ -1,4 +0,4 @@

Mac OS X  2��ATTR>����#�#com.macromates.caret{
column = 24;
Mac OS X  2��ATTRV����#�#com.macromates.caret{
column = 25;
line = 11;
}

@@ -1,4 +0,1 @@

Mac OS X  2��ATTR>����$�$com.macromates.caret{
column = 58;
line = 115;
}
Mac OS X  2��ATTRV���� � com.macromates.caretx���R������<[k0?'3/«��

@@ -12,3 +12,3 @@

exports.version = '0.5.9';
exports.version = '0.5.10';

@@ -15,0 +15,0 @@ /**

@@ -1,4 +0,1 @@

Mac OS X  2��ATTR>����"�"com.macromates.caret{
column = 0;
line = 24;
}
Mac OS X  2��ATTRV���� � com.macromates.caretx���R������<[k0?'3/«��

@@ -1,4 +0,1 @@

Mac OS X  2��ATTR>����#�#com.macromates.caret{
column = 43;
line = 66;
}
Mac OS X  2��ATTRV���� � com.macromates.caretx���R������<[k0?'3/«��

@@ -52,7 +52,2 @@

return function sessionHandle(req, res, next) {
if (!req.cookies) {
next(new Error("session requires cookieDecoder to work properly"));
return;
}
var pause = utils.pause(req);

@@ -64,8 +59,2 @@

// Update the session in the store if there is one
if (req.session) {
req.session.touch();
store.set(req.sessionID, req.session);
}
// Only send secure session cookies when there is a secure connection.

@@ -96,2 +85,17 @@ // proxySecure is a custom attribute to allow for a reverse proxy to handle SSL connections and to

// commit sessions on end()
var end = res.end;
res.end = function(data, encoding){
res.end = end;
if (req.session) {
req.session.touch();
store.set(req.sessionID, req.session, function(){
res.end(data, encoding);
});
} else {
res.end(data, encoding);
}
};
// Calculates the security hash to prevent session hijacking

@@ -104,2 +108,3 @@ // Uses information on the user-agent that created the session as it's fingerprint

.digest('base64')
.replace(/\+/g, ' ')
.replace(/=*$/, '');

@@ -111,3 +116,3 @@ }

var base = utils.uid(24);
var sessionID = base + "." + hash(base);
var sessionID = base + '.' + hash(base);
req.sessionID = sessionID;

@@ -114,0 +119,0 @@ req.session = new Session(req);

@@ -61,6 +61,7 @@

head = req.method == 'HEAD',
filename, url = parseUrl(req.url);
url = parseUrl(req.url),
filename = decodeURIComponent(url.pathname);
// Potentially malicious path
if (~url.pathname.indexOf('..')) {
if (~filename.indexOf('..')) {
return forbidden(res);

@@ -70,3 +71,3 @@ }

// Absolute path
filename = Path.join(root, decodeURIComponent(url.pathname));
filename = Path.join(root, filename);

@@ -73,0 +74,0 @@ // Index.html support

@@ -5,8 +5,8 @@ {

"keywords": ["framework", "web", "middleware", "connect", "rack"],
"version": "0.5.9",
"version": "0.5.10",
"repository": "git://github.com/senchalabs/connect.git",
"author": "TJ Holowaychuk <tj@vision-media.ca> (http://tjholowaychuk.com)",
"dependencies": { "qs": ">= 0.0.4" },
"dependencies": { "qs": ">= 0.0.6" },
"main": "index",
"engines": { "node": ">= 0.2.5" }
}

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc