formidable
Advanced tools
Comparing version 1.0.2 to 1.0.3
@@ -281,4 +281,5 @@ if (global.GENTLY) require = GENTLY.hijack(require); | ||
if (m = headerValue.match(/filename="([^;]+)"/i)) { | ||
part.filename = m[1].substr(m[1].lastIndexOf('\\') + 1); | ||
var filename = self._fileName(headerValue); | ||
if (filename) { | ||
part.filename = filename; | ||
} | ||
@@ -313,2 +314,14 @@ } else if (headerField == 'content-type') { | ||
IncomingForm.prototype._fileName = function(headerValue) { | ||
var m = headerValue.match(/filename="(.+?)"($|; )/i) | ||
if (!m) return; | ||
var filename = m[1].substr(m[1].lastIndexOf('\\') + 1); | ||
filename = filename.replace(/%22/g, '"'); | ||
filename = filename.replace(/&#([\d]{4});/g, function(m, code) { | ||
return String.fromCharCode(code); | ||
}); | ||
return filename; | ||
}; | ||
IncomingForm.prototype._initUrlencoded = function() { | ||
@@ -315,0 +328,0 @@ this.type = 'urlencoded'; |
@@ -210,9 +210,7 @@ var Buffer = require('buffer').Buffer, | ||
// boyer-moore derrived algorithm to safely skip non-boundary data | ||
while (i + boundaryLength <= bufferLength) { | ||
if (buffer[i + boundaryEnd] in boundaryChars) { | ||
break; | ||
} | ||
i += boundaryEnd; | ||
while (i < bufferLength && !(buffer[i] in boundaryChars)) { | ||
i += boundaryLength; | ||
} | ||
i -= boundaryEnd; | ||
c = buffer[i]; | ||
@@ -219,0 +217,0 @@ } |
{ | ||
"name": "formidable", | ||
"version": "1.0.2", | ||
"version": "1.0.3", | ||
"dependencies": {}, | ||
"devDependencies": { | ||
"gently": ">=0.7.0" | ||
"gently": "0.8.0", | ||
"far": "0.0.7", | ||
"fast-or-slow": "0.0.5", | ||
"findit": "0.1.1", | ||
"hashish": "0.0.4" | ||
}, | ||
@@ -8,0 +12,0 @@ "directories": { |
@@ -23,2 +23,8 @@ # Formidable | ||
### v1.0.3 | ||
* Fix problems with utf8 characters (#84) / semicolons in filenames (#58) | ||
* Small performance improvements | ||
* New test suite and fixture system | ||
### v1.0.2 | ||
@@ -126,3 +132,3 @@ | ||
); | ||
}); | ||
}).listen(80); | ||
@@ -129,0 +135,0 @@ ## API |
@@ -1,24 +0,20 @@ | ||
var path = require('path'), | ||
fs = require('fs'); | ||
var mysql = require('..'); | ||
var path = require('path'); | ||
try { | ||
global.Gently = require('gently'); | ||
} catch (e) { | ||
throw new Error('this test suite requires node-gently'); | ||
} | ||
var root = path.join(__dirname, '../'); | ||
exports.dir = { | ||
root: root, | ||
lib: root + '/lib', | ||
fixture: root + '/test/fixture', | ||
tmp: root + '/test/tmp', | ||
}; | ||
exports.lib = path.join(__dirname, '../lib'); | ||
exports.port = 13532; | ||
global.GENTLY = new Gently(); | ||
exports.formidable = require('..'); | ||
exports.fastOrSlow = require('fast-or-slow'); | ||
exports.assert = require('assert'); | ||
global.assert = require('assert'); | ||
global.TEST_PORT = 13532; | ||
global.TEST_FIXTURES = path.join(__dirname, 'fixture'); | ||
global.TEST_TMP = path.join(__dirname, 'tmp'); | ||
// Stupid new feature in node that complains about gently attaching too many | ||
// listeners to process 'exit'. This is a workaround until I can think of a | ||
// better way to deal with this. | ||
if (process.setMaxListeners) { | ||
process.setMaxListeners(10000); | ||
} | ||
exports.require = function(lib) { | ||
return require(exports.dir.lib + '/' + lib); | ||
}; |
Sorry, the diff of this file is not supported yet
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
2769560
69
1926
265
5
19
7