crumb - npm Package Compare versions

Comparing version 3.0.0 to 3.0.1

lib/index.js

@@ -59,3 +59,3 @@ // Load modules
             request.route.plugins._crumb) &&
-            !request.headers.origin) {
+            !request.server.settings.cors) {
 
@@ -62,0 +62,0 @@ generate(request, reply);

package.json

 {
   "name": "crumb",
   "description": "CSRF crumb generation and validation plugin",
-  "version": "3.0.0",
+  "version": "3.0.1",
   "author": "Eran Hammer <eran@hueniverse.com> (http://hueniverse.com)",
@@ -10,5 +10,5 @@ "contributors": [
   ],
-  "repository": "git://github.com/spumko/crumb",
+  "repository": "git://github.com/hapijs/crumb",
   "bugs": {
-    "url": "https://github.com/spumko/crumb/issues"
+    "url": "https://github.com/hapijs/crumb/issues"
   },
@@ -44,5 +44,5 @@ "main": "index",
       "type": "BSD",
-      "url": "http://github.com/spumko/crumb/raw/master/LICENSE"
+      "url": "http://github.com/hapijs/crumb/raw/master/LICENSE"
     }
   ]
 }

README.md

@@ -1,8 +0,10 @@
-<a href="https://github.com/spumko"><img src="https://raw.github.com/spumko/spumko/master/images/from.png" align="right" /></a>
-![crumb Logo](https://raw.github.com/spumko/crumb/master/images/crumb.png)
+<a href="https://github.com/hapijs"><img src="https://raw.github.com/hapijs/spumko/master/images/from.png" align="right" /></a>
+![crumb Logo](https://raw.github.com/hapijs/crumb/master/images/crumb.png)
 
-CSRF crumb generation and validation for [**hapi**](https://github.com/spumko/hapi)
+CSRF crumb generation and validation for [**hapi**](https://github.com/hapijs/hapi)
 
-[![Build Status](https://secure.travis-ci.org/spumko/crumb.png)](http://travis-ci.org/spumko/crumb)
+[![Build Status](https://secure.travis-ci.org/hapijs/crumb.png)](http://travis-ci.org/hapijs/crumb)
 
+Lead Maintainer: [Marcus Stong](https://github.com/stongo)
+
 The following options are available when registering the plugin
@@ -14,3 +16,3 @@
 * 'addToViewContext' - whether to automatically add the crumb to view contexts as the given key (defaults to true)
-* 'cookieOptions' - storage options for the cookie containing the crumb, see the [server.state](https://github.com/spumko/hapi/blob/master/docs/Reference.md#serverstatename-options) documentation of hapi for more information
+* 'cookieOptions' - storage options for the cookie containing the crumb, see the [server.state](https://github.com/hapijs/hapi/blob/master/docs/Reference.md#serverstatename-options) documentation of hapi for more information
 * 'restful' - RESTful mode that validates crumb tokens from "X-CSRF-Token" request header for POST, PUT, PATCH and DELETE server routes. Disables payload/query crumb validation (defaults to false)
@@ -17,0 +19,0 @@

test/index.js

@@ -155,11 +155,19 @@ // Load modules
 
-                                    });
-                                });
+                                        server1.inject({method: 'GET', url: '/7'}, function(res) {
 
-                                server1.inject({method: 'GET', url: '/7'}, function(res) {
+                                            var cookie = res.headers['set-cookie'].toString();
+                                            expect(cookie).to.contain('crumb');
 
-                                    var cookie = res.headers['set-cookie'].toString();
-                                    expect(cookie).to.contain('crumb');
+                                            var headers = {};
+                                            headers['Origin'] = '127.0.0.1';
 
-                                    done();
+                                            server1.inject({method: 'GET', url: '/1', headers: headers}, function(res) {
+
+                                                var cookie = res.headers['set-cookie'].toString();
+                                                expect(cookie).to.contain('crumb');
+
+                                                done();
+                                            });
+                                        });
+                                    });
                                 });
@@ -292,3 +300,3 @@ });
             var headers = {};
-            headers['Origin'] = '127.0.0.1'
+            headers['Origin'] = '127.0.0.1';
             server4.inject({ method: 'GET', url: '/1', headers: headers }, function (res) {
@@ -295,0 +303,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

95482

increased by0.64%

Lines of code

517

increased by1.17%

Number of lines in readme file

24

increased by9.09%

No dependency changes