formidable
Advanced tools
formidable - npm Package Compare versions
Comparing version
@@ -32,3 +32,4 @@ if (global.GENTLY) require = GENTLY.hijack(require); | ||
| this.type = null; | ||
| this.hash = false; | ||
| this.hash = opts.hash || false; | ||
| this.multiples = opts.multiples || false; | ||
@@ -44,3 +45,3 @@ this.bytesReceived = null; | ||
| return this; | ||
| }; | ||
| } | ||
| util.inherits(IncomingForm, EventEmitter); | ||
@@ -88,3 +89,14 @@ exports.IncomingForm = IncomingForm; | ||
| .on('file', function(name, file) { | ||
| files[name] = file; | ||
| if (this.multiples) { | ||
| if (files[name]) { | ||
| if (!Array.isArray(files[name])) { | ||
| files[name] = [files[name]]; | ||
| } | ||
| files[name].push(file); | ||
| } else { | ||
| files[name] = file; | ||
| } | ||
| } else { | ||
| files[name] = file; | ||
| } | ||
| }) | ||
@@ -136,4 +148,7 @@ .on('error', function(err) { | ||
| IncomingForm.prototype.write = function(buffer) { | ||
| if (this.error) { | ||
| return; | ||
| } | ||
| if (!this._parser) { | ||
| this._error(new Error('unintialized parser')); | ||
| this._error(new Error('uninitialized parser')); | ||
| return; | ||
@@ -205,2 +220,5 @@ } | ||
| part.on('data', function(buffer) { | ||
| if (buffer.length == 0) { | ||
| return; | ||
| } | ||
| self.pause(); | ||
@@ -253,4 +271,4 @@ file.write(buffer, function() { | ||
| if (this.headers['content-type'].match(/multipart/i)) { | ||
| var m; | ||
| if (m = this.headers['content-type'].match(/boundary=(?:"([^"]+)"|([^;]+))/i)) { | ||
| var m = this.headers['content-type'].match(/boundary=(?:"([^"]+)"|([^;]+))/i); | ||
| if (m) { | ||
| this._initMultipart(m[1] || m[2]); | ||
@@ -277,3 +295,2 @@ } else { | ||
| this.error = err; | ||
| this.pause(); | ||
| this.emit('error', err); | ||
@@ -284,3 +301,3 @@ | ||
| file._writeStream.destroy(); | ||
| setTimeout(fs.unlink, 0, file.path); | ||
| setTimeout(fs.unlink, 0, file.path, function(error) { }); | ||
| }); | ||
@@ -345,5 +362,5 @@ } | ||
| var m; | ||
| var m = headerValue.match(/\bname="([^"]+)"/i); | ||
| if (headerField == 'content-disposition') { | ||
| if (m = headerValue.match(/\bname="([^"]+)"/i)) { | ||
| if (m) { | ||
| part.name = m[1]; | ||
@@ -387,4 +404,4 @@ } | ||
| */ | ||
| var offset = parseInt(part.transferBuffer.length / 4) * 4; | ||
| part.emit('data', new Buffer(part.transferBuffer.substring(0, offset), 'base64')) | ||
| var offset = parseInt(part.transferBuffer.length / 4, 10) * 4; | ||
| part.emit('data', new Buffer(part.transferBuffer.substring(0, offset), 'base64')); | ||
| part.transferBuffer = part.transferBuffer.substring(offset); | ||
@@ -394,3 +411,3 @@ }; | ||
| parser.onPartEnd = function() { | ||
| part.emit('data', new Buffer(part.transferBuffer, 'base64')) | ||
| part.emit('data', new Buffer(part.transferBuffer, 'base64')); | ||
| part.emit('end'); | ||
@@ -457,6 +474,5 @@ }; | ||
| this.emit('fileBegin', filename, file); | ||
| file.open(); | ||
| this.emit('fileBegin', filename, file); | ||
| this._flushing++; | ||
@@ -490,4 +506,6 @@ | ||
| var done = function(){ | ||
| self.emit('file', 'file', file); | ||
| self._maybeEnd(); | ||
| file.end(function() { | ||
| self.emit('file', 'file', file); | ||
| self._maybeEnd(); | ||
| }); | ||
| }; | ||
@@ -515,3 +533,3 @@ | ||
| self.emit('field', key, val); | ||
| } | ||
| }; | ||
@@ -534,3 +552,3 @@ parser.onEnd = function() { | ||
| var ext = path.extname(filename); | ||
| ext = ext.replace(/(\.[a-z0-9]+).*/, '$1'); | ||
| ext = ext.replace(/(\.[a-z0-9]+).*/i, '$1'); | ||
@@ -537,0 +555,0 @@ name += ext; |
| if (global.GENTLY) require = GENTLY.hijack(require); | ||
| var Buffer = require('buffer').Buffer | ||
| var Buffer = require('buffer').Buffer; | ||
@@ -8,3 +8,3 @@ function JSONParser() { | ||
| this.bytesWritten = 0; | ||
| }; | ||
| } | ||
| exports.JSONParser = JSONParser; | ||
@@ -14,3 +14,3 @@ | ||
| this.data = new Buffer(length); | ||
| } | ||
| }; | ||
@@ -25,7 +25,7 @@ JSONParser.prototype.write = function(buffer) { | ||
| return buffer.length; | ||
| } | ||
| }; | ||
| JSONParser.prototype.end = function() { | ||
| try { | ||
| var fields = JSON.parse(this.data.toString('utf8')) | ||
| var fields = JSON.parse(this.data.toString('utf8')); | ||
| for (var field in fields) { | ||
@@ -38,2 +38,2 @@ this.onField(field, fields[field]); | ||
| this.onEnd(); | ||
| } | ||
| }; |
@@ -49,3 +49,3 @@ var Buffer = require('buffer').Buffer, | ||
| this.flags = 0; | ||
| }; | ||
| } | ||
| exports.MultipartParser = MultipartParser; | ||
@@ -131,3 +131,5 @@ | ||
| if (index == boundary.length - 2) { | ||
| if (c != CR) { | ||
| if (c == HYPHEN) { | ||
| flags |= F.LAST_BOUNDARY; | ||
| } else if (c != CR) { | ||
| return i; | ||
@@ -138,8 +140,13 @@ } | ||
| } else if (index - 1 == boundary.length - 2) { | ||
| if (c != LF) { | ||
| if (flags & F.LAST_BOUNDARY && c == HYPHEN){ | ||
| callback('end'); | ||
| state = S.END; | ||
| flags = 0; | ||
| } else if (!(flags & F.LAST_BOUNDARY) && c == LF) { | ||
| index = 0; | ||
| callback('partBegin'); | ||
| state = S.HEADER_FIELD_START; | ||
| } else { | ||
| return i; | ||
| } | ||
| index = 0; | ||
| callback('partBegin'); | ||
| state = S.HEADER_FIELD_START; | ||
| break; | ||
@@ -220,3 +227,3 @@ } | ||
| if (index == 0) { | ||
| if (index === 0) { | ||
| // boyer-moore derrived algorithm to safely skip non-boundary data | ||
@@ -233,3 +240,3 @@ i += boundaryEnd; | ||
| if (boundary[index] == c) { | ||
| if (index == 0) { | ||
| if (index === 0) { | ||
| dataCallback('partData', true); | ||
@@ -268,2 +275,3 @@ } | ||
| state = S.END; | ||
| flags = 0; | ||
| } else { | ||
@@ -319,3 +327,3 @@ index = 0; | ||
| }; | ||
| if ((this.state == S.HEADER_FIELD_START && this.index == 0) || | ||
| if ((this.state == S.HEADER_FIELD_START && this.index === 0) || | ||
| (this.state == S.PART_DATA && this.index == this.boundary.length)) { | ||
@@ -322,0 +330,0 @@ callback(this, 'partEnd'); |
@@ -10,3 +10,3 @@ if (global.GENTLY) require = GENTLY.hijack(require); | ||
| this.buffer = ''; | ||
| }; | ||
| } | ||
| exports.QuerystringParser = QuerystringParser; | ||
@@ -13,0 +13,0 @@ |
@@ -5,3 +5,3 @@ { | ||
| "homepage": "https://github.com/felixge/node-formidable", | ||
| "version": "1.0.14", | ||
| "version": "1.0.15", | ||
| "devDependencies": { | ||
@@ -8,0 +8,0 @@ "gently": "0.8.0", |
@@ -25,2 +25,4 @@ # Formidable | ||
| This is a low level package, and if you're using a high level framework such as Express, chances are it's already included in it. You can [read this discussion](http://stackoverflow.com/questions/11295554/how-to-disable-express-bodyparser-for-file-uploads-node-js) about how Formidable is integrated with Express. | ||
| Via [npm](http://github.com/isaacs/npm): | ||
@@ -86,7 +88,6 @@ ``` | ||
| ```javascript | ||
| form.uploadDir = process.env.TMP || process.env.TMPDIR || process.env.TEMP || '/tmp' || process.cwd(); | ||
| form.uploadDir = "/my/dir"; | ||
| ``` | ||
| The directory for placing file uploads in. You can move them later on using | ||
| `fs.rename()`. The default directory is picked at module load time depending on | ||
| the first existing directory from those listed above. | ||
| Sets the directory for placing file uploads in. You can move them later on using | ||
| `fs.rename()`. The default is `os.tmpDir()`. | ||
@@ -111,6 +112,6 @@ ```javascript | ||
| ```javascript | ||
| form.maxFields = 0; | ||
| form.maxFields = 1000; | ||
| ``` | ||
| Limits the number of fields that the querystring parser will decode. Defaults | ||
| to 0 (unlimited). | ||
| to 1000 (0 for unlimited). | ||
@@ -123,2 +124,7 @@ ```javascript | ||
| ```javascript | ||
| form.multiples = false; | ||
| ``` | ||
| If this option is enabled, when you call `form.parse`, the `files` argument will contain arrays of files for inputs which submit multiple files using the HTML5 `multiple` attribute. | ||
| ```javascript | ||
| form.bytesReceived | ||
@@ -136,3 +142,3 @@ ``` | ||
| ``` | ||
| Parses an incoming node.js `request` containing form data. If `cb` is provided, all fields an files are collected and passed to the callback: | ||
| Parses an incoming node.js `request` containing form data. If `cb` is provided, all fields and files are collected and passed to the callback: | ||
@@ -139,0 +145,0 @@ |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Number of lines in readme file
426
1.43%- Number of low supply chain risk alerts
2
-89.47%- Number of medium supply chain risk alerts
1
-92.86%Worsened metrics
- Total package byte prevSize
40686
-58.39%- Number of package files
13
-74%- Lines of code
882
-64.69%