Comparing version 0.4.2 to 0.4.3
@@ -0,1 +1,11 @@ | ||
0.4.3 / 2014-06-11 | ||
================== | ||
* Do not throw un-catchable error on file open race condition | ||
* Use `escape-html` for HTML escaping | ||
* deps: debug@1.0.2 | ||
- fix some debugging output colors on node.js 0.8 | ||
* deps: finished@1.2.2 | ||
* deps: fresh@0.2.2 | ||
0.4.2 / 2014-06-09 | ||
@@ -2,0 +12,0 @@ ================== |
@@ -7,2 +7,3 @@ | ||
var debug = require('debug')('send') | ||
var escapeHtml = require('escape-html') | ||
, parseRange = require('range-parser') | ||
@@ -172,5 +173,14 @@ , Stream = require('stream') | ||
var msg = http.STATUS_CODES[status]; | ||
err = err || new Error(msg); | ||
err.status = status; | ||
if (this.listeners('error').length) return this.emit('error', err); | ||
// emit if listeners instead of responding | ||
if (this.listeners('error').length) { | ||
return this.emit('error', err); | ||
} | ||
// wipe all existing headers | ||
res._headers = undefined; | ||
res.statusCode = err.status; | ||
@@ -334,3 +344,3 @@ res.end(msg); | ||
res.setHeader('Location', path); | ||
res.end('Redirecting to ' + utils.escape(path)); | ||
res.end('Redirecting to ' + escapeHtml(path)); | ||
}; | ||
@@ -539,2 +549,6 @@ | ||
// clean up stream | ||
finished = true; | ||
stream.destroy(); | ||
// no hope in responding | ||
@@ -547,5 +561,4 @@ if (res._header) { | ||
// 500 | ||
err.status = 500; | ||
self.emit('error', err); | ||
// error | ||
self.onStatError(err); | ||
}); | ||
@@ -552,0 +565,0 @@ |
@@ -19,3 +19,7 @@ | ||
var tag = String(stat.mtime.getTime()) + ':' + String(stat.size) + ':' + path; | ||
return 'W/"' + exports.md5(tag, 'base64') + '"'; | ||
var str = crypto | ||
.createHash('md5') | ||
.update(tag, 'utf8') | ||
.digest('base64'); | ||
return 'W/"' + str + '"'; | ||
}; | ||
@@ -40,37 +44,1 @@ | ||
}; | ||
/** | ||
* Escape the given string of `html`. | ||
* | ||
* @param {String} html | ||
* @return {String} | ||
* @api private | ||
*/ | ||
exports.escape = function(html){ | ||
return String(html) | ||
.replace(/&(?!\w+;)/g, '&') | ||
.replace(/</g, '<') | ||
.replace(/>/g, '>') | ||
.replace(/"/g, '"'); | ||
}; | ||
/** | ||
* Return md5 hash of the given string and optional encoding, | ||
* defaulting to hex. | ||
* | ||
* utils.md5('wahoo'); | ||
* // => "e493298061761236c96b02ea6aa8a2ad" | ||
* | ||
* @param {String} str | ||
* @param {String} encoding | ||
* @return {String} | ||
* @api private | ||
*/ | ||
exports.md5 = function(str, encoding){ | ||
return crypto | ||
.createHash('md5') | ||
.update(str, 'utf8') | ||
.digest(encoding || 'hex'); | ||
}; |
{ | ||
"name": "send", | ||
"description": "Better streaming static file server with Range and conditional-GET support", | ||
"version": "0.4.2", | ||
"version": "0.4.3", | ||
"author": "TJ Holowaychuk <tj@vision-media.ca>", | ||
@@ -17,5 +17,6 @@ "contributors": [ | ||
"dependencies": { | ||
"debug": "1.0.1", | ||
"finished": "1.2.1", | ||
"fresh": "~0.2.1", | ||
"debug": "1.0.2", | ||
"escape-html": "1.0.1", | ||
"finished": "1.2.2", | ||
"fresh": "0.2.2", | ||
"mime": "1.2.11", | ||
@@ -22,0 +23,0 @@ "range-parser": "~1.0.0" |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
20950
6
539
+ Addedescape-html@1.0.1
+ Addeddebug@1.0.2(transitive)
+ Addedee-first@1.0.3(transitive)
+ Addedescape-html@1.0.1(transitive)
+ Addedfinished@1.2.2(transitive)
+ Addedfresh@0.2.2(transitive)
- Removeddebug@1.0.1(transitive)
- Removedfinished@1.2.1(transitive)
- Removedfresh@0.2.4(transitive)
Updateddebug@1.0.2
Updatedfinished@1.2.2
Updatedfresh@0.2.2