restify - npm Package Compare versions

Comparing version 1.4.1 to 1.4.2

CHANGES.md

@@ -5,2 +5,8 @@ # restify Changelog
 
+- Add Route.realize( Domenic Denicola)
+- defaultResponseHeaders setter was setting the wrong method (Harry Marr)
+- Workaround joyent/node#3257 (Dave Pacheco)
+- logging typo (Pedro Candel)
+- response `beforeSend` event (Paul Bouzakis)
+
 ## 1.4.1
@@ -7,0 +13,0 @@

lib/clients/string_client.js

@@ -101,6 +101,7 @@ // Copyright 2012 Mark Cavage, Inc.  All rights reserved.
       self.log.trace('sending body -> %s', body);
-      req.write(body);
+      req.end(body);
+    } else {
+      req.end();
     }
 
-    req.end();
     return req.once('result', self.parse(req, callback));
@@ -107,0 +108,0 @@ });

lib/index.js

@@ -13,2 +13,3 @@ // Copyright 2012 Mark Cavage, Inc.  All rights reserved.
 
+var sanitizePath = require('./utils').sanitizePath;
 
@@ -181,2 +182,17 @@
 
+  /**
+   * Returns a string representation of a URL pattern , with its parameters
+   * filled in by the passed hash.
+   *
+   * If a key is not found in the hash for a param, it is left alone.
+   *
+   * @param {Object} a hash of parameter names to values for substitution.
+   */
+  realizeUrl: function realizeUrl(pattern, params) {
+    return sanitizePath(pattern.replace(/\/:([^/]+)/g, function (match, key) {
+      return params.hasOwnProperty(key) ? '/' + params[key] : match;
+    }));
+  },
+
+
   HttpClient: HttpClient,
@@ -205,3 +221,3 @@ JsonClient: JsonClient,
 
-  http.ServerResponse.prototype.defaultHeaders = f;
+  http.ServerResponse.prototype.defaultResponseHeaders = f;
 });

lib/plugins/json_body_parser.js

@@ -20,3 +20,3 @@ // Copyright 2012 Mark Cavage, Inc.  All rights reserved.
  * Returns a plugin that will parse the HTTP request body IFF the
- * contentType is application/x-www-form-urlencoded.
+ * contentType is application/json.
  *
@@ -23,0 +23,0 @@ * If req.params already contains a given key, that key is skipped and an

lib/request.js

@@ -12,2 +12,3 @@ // Copyright 2012 Mark Cavage, Inc.  All rights reserved.
 
+var sanitizePath = require('./utils').sanitizePath;
 
@@ -23,22 +24,2 @@
 
-/**
- * Cleans up sloppy URL paths, like /foo////bar/// to /foo/bar.
- *
- * @param {String} path the HTTP resource path.
- * @return {String} Cleaned up form of path.
- */
-function sanitizePath(path) {
-  assert.ok(path);
-
-  // Be nice like apache and strip out any //my//foo//bar///blah
-  path = path.replace(/\/\/+/g, '/');
-
-  // Kill a trailing '/'
-  if (path.lastIndexOf('/') === (path.length - 1) && path.length > 1)
-    path = path.substr(0, path.length - 1);
-
-  return path;
-}
-
-
 // The following three functions are courtesy of expressjs
@@ -45,0 +26,0 @@ // as is req.accepts(), and req.is() below.

lib/response.js

@@ -400,2 +400,4 @@ // Copyright 2012 Mark Cavage, Inc.  All rights reserved.
   var data = body ? this.format(body) : null;
+  this.emit('beforeSend', data);
+
   this.defaultResponseHeaders(data);
@@ -456,3 +458,3 @@ this.writeHead(this.statusCode, this.headers);
 
-  log.trace('format(%s) returing: %s', type, data);
+  log.trace('format(%s) returning: %s', type, data);
   return data;
@@ -459,0 +461,0 @@ };

package.json

@@ -23,3 +23,3 @@ {
   "description": "REST framework",
-  "version": "1.4.1",
+  "version": "1.4.2",
   "repository": {
@@ -26,0 +26,0 @@ "type": "git",

test/server.test.js

@@ -952,2 +952,49 @@ // Copyright 2012 Mark Cavage, Inc.  All rights reserved.
 
+test('GH-141 return next(err) not working', function (t) {
+  var server = restify.createServer({ dtrace: DTRACE, log: LOGGER });
+  server.use(restify.authorizationParser());
+  server.use(function authenticate(req, res, next) {
+    if (req.username !== 'admin' ||
+        !req.authorization.basic ||
+        req.authorization.basic.password !== 'admin') {
+      return next(new restify.NotAuthorizedError('invalid credentials'));
+    }
+    return next();
+  });
+
+  server.get('/', function (req, res, next) {
+    res.send(200, req.username);
+    return next();
+  });
+
+  server.listen(PORT, function () {
+    var opts = {
+      hostname: 'localhost',
+      port: PORT,
+      path: '/',
+      method: 'GET',
+      agent: false,
+      headers: {
+        accept: 'text/plain',
+        authorization: 'Basic ' + new Buffer('admin:foo').toString('base64')
+      }
+    };
+    http.request(opts, function (res) {
+      t.equal(res.statusCode, 403);
+      var body = '';
+      res.setEncoding('utf8');
+      res.on('data', function (chunk) {
+        body += chunk;
+      });
+      res.on('end', function () {
+        t.equal(body, 'invalid credentials');
+        server.close(function () {
+          t.end();
+        });
+      });
+    }).end();
+  });
+});
+
+
 //
@@ -954,0 +1001,0 @@ // Disabled, as Heroku (travis) doesn't allow us to write to /tmp

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Lines of code

5039

increased by2.77%

Worsened metrics

Total package byte prevSize

166464

decreased by-10.91%

Number of package files

38

decreased by-7.32%

Number of low supply chain risk alerts

10

increased by25%

Number of medium supply chain risk alerts

13

increased by8.33%

No dependency changes