serve-handler - npm Package Compare versions

serve-handler

Package Overview

Dependencies

Maintainers

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 5.0.8 to 6.0.0

package.json

		{
		"name": "serve-handler",
		"version": "5.0.8",
		"version": "6.0.0",
		"description": "The routing foundation of `serve` and static deployments on Now",
		@@ -5,0 +5,0 @@ "main": "src/index.js",

README.md

		@@ -61,2 +61,3 @@ # serve-handler
		\| [`renderSingle`](#rendersingle-boolean) \| If a directory only contains one file, render it \|
		\| [`symlinks`](#symlinks-boolean) \| Resolve symlinks instead of rendering a 404 error \|

		@@ -263,2 +264,16 @@ ### public (String)

		### symlinks (Boolean)

		For security purposes, symlinks are disabled by default. If `serve-handler` encounters a symlink, it will treat it as if it doesn't exist in the first place. In turn, a 404 error is rendered for that path.

		However, this behavior can easily be adjusted:

		```js
		{
		"symlinks": true
		}
		```

		Once this property is set as shown above, all symlinks will automatically be resolved to their targets.

		## Error templates
		@@ -280,3 +295,4 @@
		await handler(request, response, undefined, {
		stat(path) {},
		lstat(path) {},
		realpath(path) {},
		createReadStream(path, config) {}
		@@ -283,0 +299,0 @@ readdir(path) {},

src/index.js

		// Native
		const {promisify} = require('util');
		const path = require('path');
		const {stat, createReadStream, readdir} = require('fs');
		const {realpath, lstat, createReadStream, readdir} = require('fs');

		@@ -330,6 +330,6 @@ // Packages

		if (methods.stat) {
		stats = await handlers.stat(filePath, true);
		if (methods.lstat) {
		stats = await handlers.lstat(filePath, true);
		} else {
		stats = await handlers.stat(filePath);
		stats = await handlers.lstat(filePath);
		}
		@@ -470,3 +470,3 @@
		try {
		stats = await handlers.stat(errorPage);
		stats = await handlers.lstat(errorPage);
		} catch (err) {
		@@ -517,3 +517,4 @@ if (err.code !== 'ENOENT') {
		const getHandlers = methods => Object.assign({
		stat: promisify(stat),
		lstat: promisify(lstat),
		realpath: promisify(realpath),
		createReadStream,
		@@ -586,3 +587,3 @@ readdir: promisify(readdir),
		try {
		stats = await handlers.stat(absolutePath);
		stats = await handlers.lstat(absolutePath);
		} catch (err) {
		@@ -599,3 +600,3 @@ if (err.code !== 'ENOENT') {
		try {
		const related = await findRelated(current, relativePath, rewrittenPath, handlers.stat);
		const related = await findRelated(current, relativePath, rewrittenPath, handlers.lstat);

		@@ -614,3 +615,3 @@ if (related) {
		try {
		stats = await handlers.stat(absolutePath);
		stats = await handlers.lstat(absolutePath);
		} catch (err) {
		@@ -661,3 +662,8 @@ if (err.code !== 'ENOENT') {

		if (!stats) {
		const isSymLink = stats && stats.isSymbolicLink();

		// There are two scenarios in which we want to reply with
		// a 404 error: Either the path does not exist, or it is a
		// symlink while the `symlinks` option is disabled (which it is by default).
		if (!stats \|\| (!config.symlinks && isSymLink)) {
		// allow for custom 404 handling
		@@ -671,2 +677,10 @@ return handlers.sendError(absolutePath, response, acceptsJSON, current, handlers, config, {

		// If we figured out that the target is a symlink, we need to
		// resolve the symlink and run a new `stat` call just for the
		// target of that symlink.
		if (isSymLink) {
		absolutePath = await handlers.realpath(absolutePath);
		stats = await handlers.lstat(absolutePath);
		}

		const streamOpts = {};
		@@ -680,2 +694,3 @@
		const {start, end} = range[0];

		streamOpts.start = start;
		@@ -682,0 +697,0 @@ streamOpts.end = end;

Fixed alerts

Improved metrics