send - npm Package Compare versions

Comparing version 0.4.2 to 0.4.3

History.md

@@ -0,1 +1,11 @@
+0.4.3 / 2014-06-11
+==================
+
+ * Do not throw un-catchable error on file open race condition
+ * Use `escape-html` for HTML escaping
+ * deps: debug@1.0.2
+   - fix some debugging output colors on node.js 0.8
+ * deps: finished@1.2.2
+ * deps: fresh@0.2.2
+
 0.4.2 / 2014-06-09
@@ -2,0 +12,0 @@ ==================

lib/send.js

@@ -7,2 +7,3 @@
 var debug = require('debug')('send')
+var escapeHtml = require('escape-html')
   , parseRange = require('range-parser')
@@ -172,5 +173,14 @@ , Stream = require('stream')
   var msg = http.STATUS_CODES[status];
+
   err = err || new Error(msg);
   err.status = status;
-  if (this.listeners('error').length) return this.emit('error', err);
+
+  // emit if listeners instead of responding
+  if (this.listeners('error').length) {
+    return this.emit('error', err);
+  }
+
+  // wipe all existing headers
+  res._headers = undefined;
+
   res.statusCode = err.status;
@@ -334,3 +344,3 @@ res.end(msg);
   res.setHeader('Location', path);
-  res.end('Redirecting to ' + utils.escape(path));
+  res.end('Redirecting to ' + escapeHtml(path));
 };
@@ -539,2 +549,6 @@
 
+    // clean up stream
+    finished = true;
+    stream.destroy();
+
     // no hope in responding
@@ -547,5 +561,4 @@ if (res._header) {
 
-    // 500
-    err.status = 500;
-    self.emit('error', err);
+    // error
+    self.onStatError(err);
   });
@@ -552,0 +565,0 @@

lib/utils.js

@@ -19,3 +19,7 @@
   var tag = String(stat.mtime.getTime()) + ':' + String(stat.size) + ':' + path;
-  return 'W/"' + exports.md5(tag, 'base64') + '"';
+  var str = crypto
+    .createHash('md5')
+    .update(tag, 'utf8')
+    .digest('base64');
+  return 'W/"' + str + '"';
 };
@@ -40,37 +44,1 @@
 };
-
-/**
- * Escape the given string of `html`.
- *
- * @param {String} html
- * @return {String}
- * @api private
- */
-
-exports.escape = function(html){
-  return String(html)
-    .replace(/&(?!\w+;)/g, '&')
-    .replace(/</g, '&lt;')
-    .replace(/>/g, '&gt;')
-    .replace(/"/g, '&quot;');
-};
-
-/**
- * Return md5 hash of the given string and optional encoding,
- * defaulting to hex.
- *
- *     utils.md5('wahoo');
- *     // => "e493298061761236c96b02ea6aa8a2ad"
- *
- * @param {String} str
- * @param {String} encoding
- * @return {String}
- * @api private
- */
-
-exports.md5 = function(str, encoding){
-  return crypto
-    .createHash('md5')
-    .update(str, 'utf8')
-    .digest(encoding || 'hex');
-};

package.json

 {
   "name": "send",
   "description": "Better streaming static file server with Range and conditional-GET support",
-  "version": "0.4.2",
+  "version": "0.4.3",
   "author": "TJ Holowaychuk <tj@vision-media.ca>",
@@ -17,5 +17,6 @@ "contributors": [
   "dependencies": {
-    "debug": "1.0.1",
-    "finished": "1.2.1",
-    "fresh": "~0.2.1",
+    "debug": "1.0.2",
+    "escape-html": "1.0.1",
+    "finished": "1.2.2",
+    "fresh": "0.2.2",
     "mime": "1.2.11",
@@ -22,0 +23,0 @@ "range-parser": "~1.0.0"

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

20950

decreased by-0.63%

Dependency count

6

increased by20%

Lines of code

539

decreased by-3.58%

Dependency changes

• + Addedescape-html@1.0.1

• + Addeddebug@1.0.2(transitive)

• + Addedee-first@1.0.3(transitive)

• + Addedescape-html@1.0.1(transitive)

• + Addedfinished@1.2.2(transitive)

• + Addedfresh@0.2.2(transitive)

• - Removeddebug@1.0.1(transitive)

• - Removedfinished@1.2.1(transitive)

• - Removedfresh@0.2.4(transitive)

• Updateddebug@1.0.2

• Updatedfinished@1.2.2

• Updatedfresh@0.2.2