Comparing version
@@ -0,1 +1,6 @@ | ||
1.1.0 / 2025-07-17 | ||
================== | ||
* - Fix [CVE-2025-7339](https://www.cve.org/CVERecord?id=CVE-2025-7339) ([GHSA-76c9-3jph-rj3q](https://github.com/expressjs/multer/security/advisories/GHSA-76c9-3jph-rj3q)) | ||
1.0.2 / 2019-02-21 | ||
@@ -2,0 +7,0 @@ ================== |
52
index.js
@@ -16,2 +16,8 @@ /*! | ||
var http = require('http') | ||
// older node versions don't have appendHeader | ||
var isAppendHeaderSupported = typeof http.ServerResponse.prototype.appendHeader === 'function' | ||
var set1dArray = isAppendHeaderSupported ? set1dArrayWithAppend : set1dArrayWithSet | ||
/** | ||
@@ -78,4 +84,12 @@ * Create a replacement writeHead method. | ||
function setHeadersFromArray (res, headers) { | ||
for (var i = 0; i < headers.length; i++) { | ||
res.setHeader(headers[i][0], headers[i][1]) | ||
if (headers.length && Array.isArray(headers[0])) { | ||
// 2D | ||
set2dArray(res, headers) | ||
} else { | ||
// 1D | ||
if (headers.length % 2 !== 0) { | ||
throw new TypeError('headers array is malformed') | ||
} | ||
set1dArray(res, headers) | ||
} | ||
@@ -135,1 +149,35 @@ } | ||
} | ||
function set2dArray (res, headers) { | ||
var key | ||
for (var i = 0; i < headers.length; i++) { | ||
key = headers[i][0] | ||
if (key) { | ||
res.setHeader(key, headers[i][1]) | ||
} | ||
} | ||
} | ||
function set1dArrayWithAppend (res, headers) { | ||
for (var i = 0; i < headers.length; i += 2) { | ||
res.removeHeader(headers[i]) | ||
} | ||
var key | ||
for (var j = 0; j < headers.length; j += 2) { | ||
key = headers[j] | ||
if (key) { | ||
res.appendHeader(key, headers[j + 1]) | ||
} | ||
} | ||
} | ||
function set1dArrayWithSet (res, headers) { | ||
var key | ||
for (var i = 0; i < headers.length; i += 2) { | ||
key = headers[i] | ||
if (key) { | ||
res.setHeader(key, headers[i + 1]) | ||
} | ||
} | ||
} |
{ | ||
"name": "on-headers", | ||
"description": "Execute a listener when a response is about to write headers", | ||
"version": "1.0.2", | ||
"version": "1.1.0", | ||
"author": "Douglas Christopher Wilson <doug@somethingdoug.com>", | ||
@@ -15,12 +15,12 @@ "license": "MIT", | ||
"devDependencies": { | ||
"eslint": "5.14.1", | ||
"eslint-config-standard": "12.0.0", | ||
"eslint-plugin-import": "2.16.0", | ||
"eslint-plugin-markdown": "1.0.0", | ||
"eslint-plugin-node": "8.0.1", | ||
"eslint-plugin-promise": "4.0.1", | ||
"eslint-plugin-standard": "4.0.0", | ||
"istanbul": "0.4.5", | ||
"mocha": "6.0.1", | ||
"supertest": "3.4.2" | ||
"eslint": "6.8.0", | ||
"eslint-config-standard": "14.1.1", | ||
"eslint-plugin-import": "2.21.2", | ||
"eslint-plugin-markdown": "1.0.2", | ||
"eslint-plugin-node": "11.1.0", | ||
"eslint-plugin-promise": "4.2.1", | ||
"eslint-plugin-standard": "4.0.1", | ||
"mocha": "10.2.0", | ||
"nyc": "15.1.0", | ||
"supertest": "4.0.2" | ||
}, | ||
@@ -38,7 +38,9 @@ "files": [ | ||
"lint": "eslint --plugin markdown --ext js,md .", | ||
"test": "mocha --reporter spec --bail --check-leaks test/", | ||
"test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter dot --check-leaks test/", | ||
"test-travis": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --reporter spec --check-leaks test/", | ||
"test": "mocha --reporter spec --check-leaks test/test.js", | ||
"test-ci": "nyc --reporter=lcov --reporter=text npm test", | ||
"test-cov": "nyc --reporter=html --reporter=text npm test", | ||
"update-upstream-hashes": "node scripts/update-upstream-hashes.js", | ||
"upstream": "mocha --reporter spec --check-leaks test/upstream.js", | ||
"version": "node scripts/version-history.js && git add HISTORY.md" | ||
} | ||
} |
@@ -5,5 +5,5 @@ # on-headers | ||
[![NPM Downloads][npm-downloads-image]][npm-url] | ||
[![Node.js Version][node-version-image]][node-version-url] | ||
[![Build Status][travis-image]][travis-url] | ||
[![Test Coverage][coveralls-image]][coveralls-url] | ||
[![Node.js Version][node-image]][node-url] | ||
[![Build Status][ci-image]][ci-url] | ||
[![Coverage Status][coveralls-image]][coveralls-url] | ||
@@ -74,10 +74,10 @@ Execute a listener when a response is about to write headers. | ||
[ci-image]: https://badgen.net/github/checks/jshttp/on-headers/master?label=ci | ||
[ci-url]: https://github.com/jshttp/on-headers/actions/workflows/ci.yml | ||
[coveralls-image]: https://badgen.net/coveralls/c/github/jshttp/on-headers/master | ||
[coveralls-url]: https://coveralls.io/r/jshttp/on-headers?branch=master | ||
[node-version-image]: https://badgen.net/npm/node/on-headers | ||
[node-version-url]: https://nodejs.org/en/download | ||
[node-image]: https://badgen.net/npm/node/on-headers | ||
[node-url]: https://nodejs.org/en/download | ||
[npm-downloads-image]: https://badgen.net/npm/dm/on-headers | ||
[npm-url]: https://npmjs.org/package/on-headers | ||
[npm-version-image]: https://badgen.net/npm/v/on-headers | ||
[travis-image]: https://badgen.net/travis/jshttp/on-headers/master | ||
[travis-url]: https://travis-ci.org/jshttp/on-headers |
Unstable ownership
Supply chain riskA new collaborator has begun publishing package versions. Package stability and security risk may be elevated.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
8850
17.41%149
37.96%1
Infinity%2
Infinity%