Socket
Socket
Sign inDemoInstall

express

Package Overview
Dependencies
Maintainers
4
Versions
279
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

express - npm Package Compare versions

Comparing version 4.14.1 to 4.15.0

13

lib/application.js

@@ -31,2 +31,3 @@ /*!

var resolve = require('path').resolve;
var setPrototyeOf = require('setprototypeof')
var slice = Array.prototype.slice;

@@ -98,6 +99,6 @@

// inherit protos
this.request.__proto__ = parent.request;
this.response.__proto__ = parent.response;
this.engines.__proto__ = parent.engines;
this.settings.__proto__ = parent.settings;
setPrototyeOf(this.request, parent.request)
setPrototyeOf(this.response, parent.response)
setPrototyeOf(this.engines, parent.engines)
setPrototyeOf(this.settings, parent.settings)
});

@@ -232,4 +233,4 @@

fn.handle(req, res, function (err) {
req.__proto__ = orig.request;
res.__proto__ = orig.response;
setPrototyeOf(req, orig.request)
setPrototyeOf(res, orig.response)
next(err);

@@ -236,0 +237,0 @@ });

12

lib/express.js

@@ -44,4 +44,12 @@ /*!

app.request = { __proto__: req, app: app };
app.response = { __proto__: res, app: app };
// expose the prototype that will get set on requests
app.request = Object.create(req, {
app: { configurable: true, enumerable: true, writable: true, value: app }
})
// expose the prototype that will get set on responses
app.response = Object.create(res, {
app: { configurable: true, enumerable: true, writable: true, value: app }
})
app.init();

@@ -48,0 +56,0 @@ return app;

11

lib/middleware/init.js

@@ -12,2 +12,9 @@ /*!

/**
* Module dependencies.
* @private
*/
var setPrototyeOf = require('setprototypeof')
/**
* Initialization middleware, exposing the

@@ -29,4 +36,4 @@ * request and response to each other, as well

req.__proto__ = app.request;
res.__proto__ = app.response;
setPrototyeOf(req, app.request)
setPrototyeOf(res, app.response)

@@ -33,0 +40,0 @@ res.locals = res.locals || Object.create(null);

31

lib/request.js

@@ -28,9 +28,15 @@ /*!

* Request prototype.
* @public
*/
var req = exports = module.exports = {
__proto__: http.IncomingMessage.prototype
};
var req = Object.create(http.IncomingMessage.prototype)
/**
* Module exports.
* @public
*/
module.exports = req
/**
* Return request header.

@@ -360,3 +366,8 @@ *

var addrs = proxyaddr.all(this, trust);
return addrs.slice(1).reverse();
// reverse the order (to farthest -> closest)
// and remove socket address
addrs.reverse().pop()
return addrs
});

@@ -452,3 +463,4 @@

var method = this.method;
var s = this.res.statusCode;
var res = this.res
var status = res.statusCode

@@ -459,4 +471,7 @@ // GET or HEAD for weak freshness validation only

// 2xx or 304 as per rfc2616 14.26
if ((s >= 200 && s < 300) || 304 === s) {
return fresh(this.headers, (this.res._headers || {}));
if ((status >= 200 && status < 300) || 304 === status) {
return fresh(this.headers, {
'etag': res.get('ETag'),
'last-modified': res.get('Last-Modified')
})
}

@@ -506,2 +521,2 @@

});
};
}

22

lib/response.js

@@ -23,2 +23,3 @@ /*!

var path = require('path');
var statuses = require('statuses')
var merge = require('utils-merge');

@@ -29,3 +30,2 @@ var sign = require('cookie-signature').sign;

var setCharset = require('./utils').setCharset;
var statusCodes = http.STATUS_CODES;
var cookie = require('cookie');

@@ -40,9 +40,15 @@ var send = require('send');

* Response prototype.
* @public
*/
var res = module.exports = {
__proto__: http.ServerResponse.prototype
};
var res = Object.create(http.ServerResponse.prototype)
/**
* Module exports.
* @public
*/
module.exports = res
/**
* Module variables.

@@ -135,3 +141,3 @@ * @private

this.statusCode = chunk;
chunk = statusCodes[chunk];
chunk = statuses[chunk]
}

@@ -341,3 +347,3 @@

res.sendStatus = function sendStatus(statusCode) {
var body = statusCodes[statusCode] || String(statusCode);
var body = statuses[statusCode] || String(statusCode)

@@ -884,3 +890,3 @@ this.statusCode = statusCode;

text: function(){
body = statusCodes[status] + '. Redirecting to ' + address;
body = statuses[status] + '. Redirecting to ' + address
},

@@ -890,3 +896,3 @@

var u = escapeHtml(address);
body = '<p>' + statusCodes[status] + '. Redirecting to <a href="' + u + '">' + u + '</a></p>';
body = '<p>' + statuses[status] + '. Redirecting to <a href="' + u + '">' + u + '</a></p>'
},

@@ -893,0 +899,0 @@

51

lib/router/index.js

@@ -24,2 +24,3 @@ /*!

var parseUrl = require('parseurl');
var setPrototypeOf = require('setprototypeof')

@@ -51,3 +52,3 @@ /**

// mixin Router class functions
router.__proto__ = proto;
setPrototypeOf(router, proto)

@@ -142,7 +143,4 @@ router.params = {};

var search = 1 + req.url.indexOf('?');
var pathlength = search ? search - 1 : req.url.length;
var fqdn = req.url[0] !== '/' && 1 + req.url.substr(0, pathlength).indexOf('://');
var protohost = fqdn ? req.url.substr(0, req.url.indexOf('/', 2 + fqdn)) : '';
var idx = 0;
var protohost = getProtohost(req.url) || ''
var removed = '';

@@ -199,2 +197,8 @@ var slashAdded = false;

// signal to exit router
if (layerError === 'router') {
setImmediate(done, null)
return
}
// no more matching layers

@@ -289,8 +293,9 @@ if (idx >= stack.length) {

function trim_prefix(layer, layerError, layerPath, path) {
var c = path[layerPath.length];
if (c && '/' !== c && '.' !== c) return next(layerError);
if (layerPath.length !== 0) {
// Validate path breaks on a path separator
var c = path[layerPath.length]
if (c && c !== '/' && c !== '.') return next(layerError)
// Trim off the part of the url that matches the route
// middleware (.use stuff) needs to have the path stripped
if (layerPath.length !== 0) {
// Trim off the part of the url that matches the route
// middleware (.use stuff) needs to have the path stripped
debug('trim prefix (%s) from url %s', layerPath, req.url);

@@ -301,3 +306,3 @@ removed = layerPath;

// Ensure leading slash
if (!fqdn && req.url[0] !== '/') {
if (!protohost && req.url[0] !== '/') {
req.url = '/' + req.url;

@@ -360,7 +365,2 @@ slashAdded = true;

key = keys[i++];
if (!key) {
return done();
}
name = key.name;

@@ -469,3 +469,3 @@ paramVal = req.params[name];

// add the middleware
debug('use %s %s', path, fn.name || '<anonymous>');
debug('use %o %s', path, fn.name || '<anonymous>')

@@ -542,2 +542,19 @@ var layer = new Layer(path, {

// Get get protocol + host for a URL
function getProtohost(url) {
if (typeof url !== 'string' || url.length === 0 || url[0] === '/') {
return undefined
}
var searchIndex = url.indexOf('?')
var pathLength = searchIndex !== -1
? searchIndex
: url.length
var fqdnIndex = url.substr(0, pathLength).indexOf('://')
return fqdnIndex !== -1
? url.substr(0, url.indexOf('/', 3 + fqdnIndex))
: undefined
}
// get type for error message

@@ -544,0 +561,0 @@ function gettype(obj) {

47

lib/router/layer.js

@@ -38,3 +38,3 @@ /*!

debug('new %s', path);
debug('new %o', path)
var opts = options || {};

@@ -48,5 +48,5 @@

if (path === '/' && opts.end === false) {
this.regexp.fast_slash = true;
}
// set fast path flags
this.regexp.fast_star = path === '*'
this.regexp.fast_slash = path === '/' && opts.end === false
}

@@ -113,19 +113,24 @@

Layer.prototype.match = function match(path) {
if (path == null) {
// no path, nothing matches
this.params = undefined;
this.path = undefined;
return false;
}
var match
if (this.regexp.fast_slash) {
// fast path non-ending match for / (everything matches)
this.params = {};
this.path = '';
return true;
if (path != null) {
// fast path non-ending match for / (any path matches)
if (this.regexp.fast_slash) {
this.params = {}
this.path = ''
return true
}
// fast path for * (everything matched in a param)
if (this.regexp.fast_star) {
this.params = {'0': decode_param(path)}
this.path = path
return true
}
// match the path
match = this.regexp.exec(path)
}
var m = this.regexp.exec(path);
if (!m) {
if (!match) {
this.params = undefined;

@@ -138,3 +143,3 @@ this.path = undefined;

this.params = {};
this.path = m[0];
this.path = match[0]

@@ -144,6 +149,6 @@ var keys = this.keys;

for (var i = 1; i < m.length; i++) {
for (var i = 1; i < match.length; i++) {
var key = keys[i - 1];
var prop = key.name;
var val = decode_param(m[i]);
var val = decode_param(match[i])

@@ -150,0 +155,0 @@ if (val !== undefined || !(hasOwnProperty.call(params, prop))) {

10

lib/router/route.js

@@ -47,3 +47,3 @@ /*!

debug('new %s', path);
debug('new %o', path)

@@ -116,2 +116,3 @@ // route handlers for various http methods

function next(err) {
// signal to exit route
if (err && err === 'route') {

@@ -121,2 +122,7 @@ return done();

// signal to exit router
if (err && err === 'router') {
return done(err)
}
var layer = stack[idx++];

@@ -202,3 +208,3 @@ if (!layer) {

debug('%s %s', method, this.path);
debug('%s %o', method, this.path)

@@ -205,0 +211,0 @@ var layer = Layer('/', {}, handle);

4

lib/view.js

@@ -78,3 +78,5 @@ /*!

// load engine
opts.engines[this.ext] = require(this.ext.substr(1)).__express;
var mod = this.ext.substr(1)
debug('require "%s"', mod)
opts.engines[this.ext] = require(mod).__express
}

@@ -81,0 +83,0 @@

29

package.json
{
"name": "express",
"description": "Fast, unopinionated, minimalist web framework",
"version": "4.14.1",
"version": "4.15.0",
"author": "TJ Holowaychuk <tj@vision-media.ca>",

@@ -36,9 +36,9 @@ "contributors": [

"cookie-signature": "1.0.6",
"debug": "~2.2.0",
"debug": "2.6.1",
"depd": "~1.1.0",
"encodeurl": "~1.0.1",
"escape-html": "~1.0.3",
"etag": "~1.7.0",
"finalhandler": "0.5.1",
"fresh": "0.3.0",
"etag": "~1.8.0",
"finalhandler": "~1.0.0",
"fresh": "0.5.0",
"merge-descriptors": "1.0.1",

@@ -50,6 +50,8 @@ "methods": "~1.1.2",

"proxy-addr": "~1.1.3",
"qs": "6.2.0",
"qs": "6.3.1",
"range-parser": "~1.2.0",
"send": "0.14.2",
"serve-static": "~1.11.2",
"send": "0.15.0",
"serve-static": "1.12.0",
"setprototypeof": "1.0.3",
"statuses": "~1.3.1",
"type-is": "~1.6.14",

@@ -61,12 +63,13 @@ "utils-merge": "1.0.0",

"after": "0.8.2",
"body-parser": "1.16.0",
"body-parser": "1.17.0",
"cookie-parser": "~1.4.3",
"ejs": "2.5.5",
"express-session": "1.15.0",
"ejs": "2.5.6",
"express-session": "1.15.1",
"istanbul": "0.4.5",
"marked": "0.3.6",
"method-override": "~2.3.6",
"method-override": "2.3.7",
"mocha": "3.2.0",
"morgan": "~1.7.0",
"morgan": "1.8.1",
"multiparty": "4.1.3",
"pbkdf2-password": "1.2.1",
"should": "11.2.0",

@@ -73,0 +76,0 @@ "supertest": "1.2.0",

2

Readme.md

@@ -40,3 +40,3 @@ [![Express Logo](https://i.cloudup.com/zfY6lL7eFa-3000x3000.png)](http://expressjs.com/)

* [Website and Documentation](http://expressjs.com/) - [[website repo](https://github.com/strongloop/expressjs.com)]
* [Website and Documentation](http://expressjs.com/) - [[website repo](https://github.com/expressjs/expressjs.com)]
* [#express](https://webchat.freenode.net/?channels=express) on freenode IRC

@@ -43,0 +43,0 @@ * [Github Organization](https://github.com/expressjs) for Official Middleware & Modules

History.md

Sorry, the diff of this file is too big to display

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc