method-override - npm Package Compare versions

Comparing version 1.0.1 to 1.0.2

History.md

@@ -0,1 +1,7 @@
+1.0.2 / 2014-05-22
+==================
+
+  * Handle `req.body` key referencing array or object
+  * Handle multiple HTTP headers
+
 1.0.1 / 2014-05-17
@@ -2,0 +8,0 @@ ==================

index.js

@@ -29,5 +29,7 @@ /*!
 module.exports = function methodOverride(key){
-  key = key || "_method";
+  key = key || '_method';
   return function methodOverride(req, res, next) {
-    var method;
+    var method
+    var val
+
     req.originalMethod = req.originalMethod || req.method;
@@ -37,13 +39,21 @@
     if (req.body && typeof req.body === 'object' && key in req.body) {
-      method = req.body[key].toLowerCase();
-      delete req.body[key];
+      method = req.body[key]
+      delete req.body[key]
     }
 
     // check X-HTTP-Method-Override
-    if (req.headers['x-http-method-override']) {
-      method = req.headers['x-http-method-override'].toLowerCase();
+    val = req.headers['x-http-method-override']
+    if (val) {
+      // multiple headers get joined with comma by node.js core
+      method = val.split(/ *, */)
     }
 
+    if (Array.isArray(method)) {
+      method = method[0]
+    }
+
     // replace
-    if (supports(method)) req.method = method.toUpperCase();
+    if (supports(method)) {
+      req.method = method.toUpperCase()
+    }
 
@@ -59,3 +69,5 @@ next();
 function supports(method) {
-  return ~methods.indexOf(method);
+  return method
+    && typeof method === 'string'
+    && methods.indexOf(method.toLowerCase()) !== -1
 }

package.json

 {
   "name": "method-override",
   "description": "Override HTTP verbs",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "author": {
@@ -11,2 +11,8 @@ "name": "Jonathan Ong",
   },
+  "contributors": [
+    {
+      "name": "Douglas Christopher Wilson",
+      "email": "doug@somethingdoug.com"
+    }
+  ],
   "license": "MIT",
@@ -25,3 +31,4 @@ "repository": {
   "devDependencies": {
-    "mocha": "~1.18.2",
+    "istanbul": "0.2.10",
+    "mocha": "~1.19.0",
     "supertest": "~0.12.1"
@@ -33,4 +40,6 @@ },
   "scripts": {
-    "test": "mocha --reporter spec"
+    "test": "mocha --reporter dot test/",
+    "test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter dot test/",
+    "test-travis": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --reporter spec test/"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

5416

increased by14.17%

Lines of code

58

increased by20.83%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dev dependency count

3

increased by50%

No dependency changes