express-session - npm Package Compare versions

Comparing version 1.16.0 to 1.16.1

HISTORY.md

@@ -0,1 +1,7 @@
+1.16.1 / 2019-04-11
+===================
+
+  * Fix error passing `data` option to `Cookie` constructor
+  * Fix uncaught error from bad session data
+
 1.16.0 / 2019-04-10
@@ -2,0 +8,0 @@ ===================

index.js

@@ -366,2 +366,15 @@ /*!
 
+    // inflate the session
+    function inflate (req, sess) {
+      store.createSession(req, sess)
+      originalId = req.sessionID
+      originalHash = hash(sess)
+
+      if (!resaveSession) {
+        savedHash = originalHash
+      }
+
+      wrapmethods(req.session)
+    }
+
     // wrap session methods
@@ -464,30 +477,22 @@ function wrapmethods(sess) {
       // error handling
-      if (err) {
+      if (err && err.code !== 'ENOENT') {
         debug('error %j', err);
+        next(err)
+        return
+      }
 
-        if (err.code !== 'ENOENT') {
-          next(err);
-          return;
+      try {
+        if (err || !sess) {
+          debug('no session found')
+          generate()
+        } else {
+          debug('session found')
+          inflate(req, sess)
         }
-
-        generate();
-      // no session
-      } else if (!sess) {
-        debug('no session found');
-        generate();
-      // populate req.session
-      } else {
-        debug('session found');
-        store.createSession(req, sess);
-        originalId = req.sessionID;
-        originalHash = hash(sess);
-
-        if (!resaveSession) {
-          savedHash = originalHash
-        }
-
-        wrapmethods(req.session);
+      } catch (e) {
+        next(e)
+        return
       }
 
-      next();
+      next()
     });
@@ -494,0 +499,0 @@ };

package.json

 {
   "name": "express-session",
-  "version": "1.16.0",
+  "version": "1.16.1",
   "description": "Simple session middleware for Express",
@@ -5,0 +5,0 @@ "author": "TJ Holowaychuk <tj@vision-media.ca> (http://tjholowaychuk.com)",

session/cookie.js

@@ -36,3 +36,5 @@ /*!
     for (var key in options) {
-      this[key] = options[key]
+      if (key !== 'data') {
+        this[key] = options[key]
+      }
     }
@@ -39,0 +41,0 @@ }

session/memory.js

@@ -174,10 +174,12 @@ /*!
 
-  var expires = typeof sess.cookie.expires === 'string'
-    ? new Date(sess.cookie.expires)
-    : sess.cookie.expires
+  if (sess.cookie) {
+    var expires = typeof sess.cookie.expires === 'string'
+      ? new Date(sess.cookie.expires)
+      : sess.cookie.expires
 
-  // destroy expired session
-  if (expires && expires <= Date.now()) {
-    delete this.sessions[sessionId]
-    return
+    // destroy expired session
+    if (expires && expires <= Date.now()) {
+      delete this.sessions[sessionId]
+      return
+    }
   }
@@ -184,0 +186,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

74629

increased by0.4%

Lines of code

1025

increased by0.89%

No dependency changes