This repository has been archived by the owner on Sep 14, 2022. It is now read-only.
1.9.0
- Pass invalid csrf token error to
next()instead of throwing - Pass misconfigured error to
next()instead of throwing - Provide misconfigured error when using cookies without cookie-parser
- deps: cookie@0.3.1
- Add
sameSiteoption - Fix cookie
Max-Ageto never be a floating point number - Improve error message when
expiresis not aDate - Throw better error for invalid argument to parse
- Throw on invalid values provided to
serialize - perf: enable strict mode
- perf: hoist regular expression
- perf: use for loop in parse
- perf: use string concatination for serialization
- Add
- deps: csrf@~3.0.3
- Use
tsscmpmodule for timing-safe token verification - deps: base64-url@1.2.2
- deps: rndm@1.2.0
- deps: uid-safe@2.1.1
- Use
- deps: http-errors@~1.5.0
- Add
HttpErrorexport, forerr instanceof createError.HttpError - Support new code
421 Misdirected Request - Use
setprototypeofmodule to replace__proto__setting - deps: inherits@2.0.1
- deps: statuses@'>= 1.3.0 < 2'
- perf: enable strict mode
- Add
- perf: enable strict mode
- perf: remove argument reassignment