Skip to content

3.14.0
Compare
Choose a tag to compare
@dougwilson dougwilson released this 11 Jul 17:33
· 1450 commits to master since this release
3.14.0
916c537
  • add explicit "Rosetta Flash JSONP abuse" protection
    • previous versions are not vulnerable; this is just explicit protection
  • deprecate res.redirect(url, status) -- use res.redirect(status, url) instead
  • fix res.send(status, num) to send num as json (not error)
  • remove unnecessary escaping when res.jsonp returns JSON response
  • deps: basic-auth@1.0.0
    • support empty password
    • support empty username
  • deps: connect@2.23.0
    • deps: debug@1.0.3
    • deps: express-session@~1.6.4
    • deps: method-override@~2.1.0
    • deps: parseurl@~1.1.3
    • deps: serve-static@~1.3.1
    • deps: debug@1.0.3
      • Add support for multiple wildcards in namespaces
    • deps: methods@1.1.0
      • add CONNECT
    • deps: parseurl@~1.1.3
      • faster parsing of href-only URLs
Assets 2