serve-static - npm Package Compare versions

Comparing version 1.11.2 to 1.12.0

HISTORY.md

@@ -0,1 +1,19 @@
+1.12.0 / 2017-02-5
+===================
+
+  * Send complete HTML document in redirect response
+  * Set default CSP header in redirect response
+  * deps: send@0.15.0
+    - Fix false detection of `no-cache` request directive
+    - Fix incorrect result when `If-None-Match` has both `*` and ETags
+    - Fix weak `ETag` matching to match spec
+    - Remove usage of `res._headers` private field
+    - Support `If-Match` and `If-Unmodified-Since` headers
+    - Use `res.getHeaderNames()` when available
+    - Use `res.headersSent` when available
+    - deps: debug@2.6.1
+    - deps: etag@~1.8.0
+    - deps: fresh@0.5.0
+    - deps: http-errors@~1.6.1
+
 1.11.2 / 2017-01-23
@@ -2,0 +20,0 @@ ===================

index.js

@@ -145,2 +145,22 @@ /*!
 
+ /**
+ * Create a minimal HTML document.
+ *
+ * @param {string} title
+ * @param {string} body
+ * @private
+ */
+
+function createHtmlDocument (title, body) {
+  return '<!DOCTYPE html>\n' +
+    '<html lang="en">\n' +
+    '<head>\n' +
+    '<meta charset="utf-8">\n' +
+    '<title>' + title + '</title>\n' +
+    '</head>\n' +
+    '<body>\n' +
+    '<pre>' + body + '</pre>\n' +
+    '</body>\n'
+}
+
 /**
@@ -163,3 +183,3 @@ * Create a directory listener that just 404s.
 function createRedirectDirectoryListener () {
-  return function redirect () {
+  return function redirect (res) {
     if (this.hasTrailingSlash()) {
@@ -179,4 +199,4 @@ this.error(404)
     var loc = encodeUrl(url.format(originalUrl))
-    var msg = 'Redirecting to <a href="' + escapeHtml(loc) + '">' + escapeHtml(loc) + '</a>\n'
-    var res = this.res
+    var doc = createHtmlDocument('Redirecting', 'Redirecting to <a href="' + escapeHtml(loc) + '">' +
+      escapeHtml(loc) + '</a>')
 
@@ -186,7 +206,8 @@ // send redirect response
     res.setHeader('Content-Type', 'text/html; charset=UTF-8')
-    res.setHeader('Content-Length', Buffer.byteLength(msg))
+    res.setHeader('Content-Length', Buffer.byteLength(doc))
+    res.setHeader('Content-Security-Policy', "default-src 'self'")
     res.setHeader('X-Content-Type-Options', 'nosniff')
     res.setHeader('Location', loc)
-    res.end(msg)
+    res.end(doc)
   }
 }

package.json

 {
   "name": "serve-static",
   "description": "Serve static files",
-  "version": "1.11.2",
+  "version": "1.12.0",
   "author": "Douglas Christopher Wilson <doug@somethingdoug.com>",
@@ -12,7 +12,8 @@ "license": "MIT",
     "parseurl": "~1.3.1",
-    "send": "0.14.2"
+    "send": "0.15.0"
   },
   "devDependencies": {
-    "eslint": "3.14.0",
+    "eslint": "3.16.1",
     "eslint-config-standard": "6.2.1",
+    "eslint-plugin-markdown": "1.0.0-beta.3",
     "eslint-plugin-promise": "3.4.0",
@@ -33,3 +34,3 @@ "eslint-plugin-standard": "2.0.1",
   "scripts": {
-    "lint": "eslint .",
+    "lint": "eslint --plugin markdown --ext js,md .",
     "test": "mocha --reporter spec --bail --check-leaks test/",
@@ -36,0 +37,0 @@ "test-ci": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --reporter spec --check-leaks test/",

README.md

@@ -22,2 +22,4 @@ # serve-static
 
+<!-- eslint-disable no-unused-vars -->
+
 ```js
@@ -162,3 +164,3 @@ var serveStatic = require('serve-static')
 // Set header to force download
-function setHeaders(res, path) {
+function setHeaders (res, path) {
   res.setHeader('Content-Disposition', contentDisposition(path))
@@ -200,2 +202,3 @@ }
 var express = require('express')
+var path = require('path')
 var serveStatic = require('serve-static')
@@ -205,4 +208,4 @@
 
-app.use(serveStatic(__dirname + '/public-optimized'))
-app.use(serveStatic(__dirname + '/public'))
+app.use(serveStatic(path.join(__dirname, 'public-optimized')))
+app.use(serveStatic(path.join(__dirname, 'public')))
 app.listen(3000)
@@ -219,2 +222,3 @@ ```
 var express = require('express')
+var path = require('path')
 var serveStatic = require('serve-static')
@@ -224,3 +228,3 @@
 
-app.use(serveStatic(__dirname + '/public', {
+app.use(serveStatic(path.join(__dirname, 'public'), {
   maxAge: '1d',
@@ -227,0 +231,0 @@ setHeaders: setCustomCacheControl

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

22330

increased by6.25%

Lines of code

171

increased by12.5%

Number of lines in readme file

254

increased by1.6%

Worsened metrics

Dev dependency count

8

increased by14.29%

Dependency changes

• + Addeddebug@2.6.1(transitive)

• + Addedetag@1.8.1(transitive)

• + Addedfresh@0.5.0(transitive)

• + Addedhttp-errors@1.6.3(transitive)

• + Addedsend@0.15.0(transitive)

• + Addedsetprototypeof@1.1.0(transitive)

• + Addedstatuses@1.5.0(transitive)

• - Removeddebug@2.2.0(transitive)

• - Removedetag@1.7.0(transitive)

• - Removedfresh@0.3.0(transitive)

• - Removedhttp-errors@1.5.1(transitive)

• - Removedms@0.7.1(transitive)

• - Removedsend@0.14.2(transitive)

• - Removedsetprototypeof@1.0.2(transitive)

• Updatedsend@0.15.0