
express


Comparing version 4.18.3 to 4.19.0

20

lib/response.js

@@ -37,2 +37,3 @@ /*!

var vary = require('vary');
var urlParse = require('url').parse;

@@ -915,4 +916,21 @@ /**

var lowerLoc = loc.toLowerCase();
var encodedUrl = encodeUrl(loc);
if (lowerLoc.indexOf('https://') === 0 || lowerLoc.indexOf('http://') === 0) {
try {
var parsedUrl = urlParse(loc);
var parsedEncodedUrl = urlParse(encodedUrl);
// Because this can encode the host, check that we did not change the host
if (parsedUrl.host !== parsedEncodedUrl.host) {
// If the host changes after encodeUrl, return the original url
return this.set('Location', loc);
}
} catch (e) {
// If parse fails, return the original url
return this.set('Location', loc);
}
}
// set location
return this.set('Location', encodeUrl(loc));
return this.set('Location', encodedUrl);
};

@@ -919,0 +937,0 @@
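Review bot: `var lowerLoc = loc.toLowerCase();` at the top of the second hunk assumes `loc` is a string, whereas the replaced `encodeUrl(loc)` call coerced its argument, so a caller passing a URL object or another non-string would now hit a TypeError before the `try`; coercing once up front, `loc = String(loc);`, keeps the previous contract. Both fallback branches (host mismatch and parse failure) also write the raw, unencoded `loc` to the header, so the values the check treats as suspect are the ones that skip encoding. If that is intended so that a caller's own allow-list decision is not altered, a comment above the first `return this.set('Location', loc);` should say so and note that the value is emitted unencoded. The comparison relies on the legacy `url.parse`, whose notion of the host may differ from the client that follows the redirect, so this guard is better documented as a backstop than as redirect validation. The enclosing function starts outside the hunk, so an earlier type check may exist that is not visible here.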

4

package.json
{
"name": "express",
"description": "Fast, unopinionated, minimalist web framework",
"version": "4.18.3",
"version": "4.19.0",
"author": "TJ Holowaychuk <tj@vision-media.ca>",

@@ -36,3 +36,3 @@ "contributors": [

"content-type": "~1.0.4",
"cookie": "0.5.0",
"cookie": "0.6.0",
"cookie-signature": "1.0.6",

@@ -39,0 +39,0 @@ "debug": "2.6.9",

Sorry, the diff of this file is too big to display
