koa-send - npm Package Compare versions
Comparing version 1.2.4 to 1.3.0
28
index.js
@@ -5,3 +5,2 @@ /** | ||
| var onFinished = require('finished'); | ||
| var debug = require('debug')('koa-send'); | ||
@@ -14,3 +13,3 @@ var assert = require('assert'); | ||
| var resolve = path.resolve; | ||
| var fs = require('fs'); | ||
| var fs = require('mz/fs'); | ||
| var join = path.join; | ||
@@ -49,2 +48,3 @@ | ||
| var trailingSlash = '/' == path[path.length - 1]; | ||
| var encoding = this.acceptsEncodings('gzip', 'deflate', 'identity'); | ||
@@ -70,3 +70,3 @@ // normalize path | ||
| // out of bounds | ||
| if (root && 0 != path.indexOf(root)) return ctx.throw('malicious path', 400); | ||
| if (root && 0 !== path.indexOf(root)) return ctx.throw('malicious path', 400); | ||
@@ -76,5 +76,12 @@ // hidden file support, ignore | ||
| // serve gzipped file when possible | ||
| if (encoding === 'gzip' && (yield fs.exists(path + '.gz'))) { | ||
| path = path + '.gz'; | ||
| ctx.set('Content-Encoding', 'gzip'); | ||
| ctx.res.removeHeader('Content-Length'); | ||
| } | ||
| // stat | ||
| try { | ||
| var stats = yield stat(path); | ||
| var stats = yield fs.stat(path); | ||
| if (stats.isDirectory()) return; | ||
@@ -92,5 +99,4 @@ } catch (err) { | ||
| ctx.set('Cache-Control', 'max-age=' + (maxage / 1000 | 0)); | ||
| ctx.type = extname(path); | ||
| var stream = ctx.body = fs.createReadStream(path); | ||
| onFinished(ctx, stream.destroy.bind(stream)); | ||
| ctx.type = type(path); | ||
| ctx.body = fs.createReadStream(path); | ||
@@ -110,9 +116,7 @@ return path; | ||
| /** | ||
| * Stat thunk. | ||
| * File type. | ||
| */ | ||
| function stat(file) { | ||
| return function(done){ | ||
| fs.stat(file, done); | ||
| } | ||
| function type(file) { | ||
| return extname(basename(file, '.gz')); | ||
| } | ||
@@ -119,0 +123,0 @@ |
@@ -5,3 +5,3 @@ { | ||
| "repository": "koajs/send", | ||
| "version": "1.2.4", | ||
| "version": "1.3.0", | ||
| "keywords": [ | ||
@@ -20,12 +20,15 @@ "koa", | ||
| "mocha": "1", | ||
| "supertest": "0" | ||
| "supertest": "0", | ||
| "istanbul-harmony": "0" | ||
| }, | ||
| "license": "MIT", | ||
| "dependencies": { | ||
| "finished": "~1.2.2", | ||
| "debug": "*" | ||
| "debug": "*", | ||
| "mz": "^1.0.1" | ||
| }, | ||
| "scripts": { | ||
| "test": "make test" | ||
| "test": "mocha --harmony-generators --require should --reporter spec", | ||
| "test-cov": "node --harmony-generators ./node_modules/.bin/istanbul cover ./node_modules/.bin/_mocha -- --require should", | ||
| "test-travis": "node --harmony-generators ./node_modules/.bin/istanbul cover ./node_modules/.bin/_mocha --report lcovonly -- --require should" | ||
| } | ||
| } |
| # koa-send [](https://travis-ci.org/koajs/send) | ||
| # koa-send | ||
| [![NPM version][npm-image]][npm-url] | ||
| [![Build status][travis-image]][travis-url] | ||
| [![Test coverage][coveralls-image]][coveralls-url] | ||
| [![Dependency Status][david-image]][david-url] | ||
| [![License][license-image]][license-url] | ||
| [![Downloads][downloads-image]][downloads-url] | ||
| Static file serving middleware. | ||
@@ -18,2 +25,4 @@ | ||
| Note that the module will try to serve the gzipped version of a file automatically when `gzip` is supported by a client and if the requested file with `.gz` extension exists. | ||
| ## Root path | ||
@@ -63,2 +72,19 @@ | ||
| MIT | ||
| MIT | ||
| [npm-image]: https://img.shields.io/npm/v/koa-send.svg?style=flat-square | ||
| [npm-url]: https://npmjs.org/package/koa-send | ||
| [github-tag]: http://img.shields.io/github/tag/koajs/send.svg?style=flat-square | ||
| [github-url]: https://github.com/koajs/send/tags | ||
| [travis-image]: https://img.shields.io/travis/koajs/send.svg?style=flat-square | ||
| [travis-url]: https://travis-ci.org/koajs/send | ||
| [coveralls-image]: https://img.shields.io/coveralls/koajs/send.svg?style=flat-square | ||
| [coveralls-url]: https://coveralls.io/r/koajs/send?branch=master | ||
| [david-image]: http://img.shields.io/david/koajs/send.svg?style=flat-square | ||
| [david-url]: https://david-dm.org/koajs/send | ||
| [license-image]: http://img.shields.io/npm/l/koa-send.svg?style=flat-square | ||
| [license-url]: LICENSE | ||
| [downloads-image]: http://img.shields.io/npm/dm/koa-send.svg?style=flat-square | ||
| [downloads-url]: https://npmjs.org/package/koa-send | ||
| [gittip-image]: https://img.shields.io/gittip/jonathanong.svg?style=flat-square | ||
| [gittip-url]: https://www.gittip.com/jonathanong/ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by40.23%
6623
- Lines of code
- increased by2.7%
114
- Number of lines in readme file
- increased by43.55%
89
- Number of low supply chain risk alerts
- decreased by-50%
1
Worsened metrics
- Dev dependency count
- increased by25%
5
Dependency changes
+ Addedmz@^1.0.1
+ Addedany-promise@1.3.0(transitive)
+ Addedmz@1.3.0(transitive)
+ Addednative-or-bluebird@1.2.0(transitive)
+ Addedthenify@3.3.1(transitive)
+ Addedthenify-all@1.6.0(transitive)
- Removedfinished@~1.2.2
- Removedee-first@1.0.3(transitive)
- Removedfinished@1.2.2(transitive)