Permalink
Commits on Oct 13, 2017
  1. 1.2.2

    rvagg committed Oct 13, 2017
Commits on Oct 9, 2017
  1. 1.2.1

    rvagg committed Oct 9, 2017
  2. update deps

    rvagg committed Oct 9, 2017
  3. update mime dependency to avoid ReDoS vulnerability

    pmuellr authored and rvagg committed Oct 4, 2017
    fixes issue #90
    
    Info on the vulnerability: https://snyk.io/vuln/npm:mime:20170907
    
    Versions of mime < 1.4.1 are vulnerable.
    
    Upgraded from ~1.3.4 to ~1.4.1
Commits on Jun 29, 2016
  1. 1.2.0

    rvagg committed Jun 29, 2016
  2. update deps

    rvagg committed Jun 29, 2016
  3. Introduce -localhost resp. -l abbreviation

    gagern authored and rvagg committed May 26, 2016
    This increases the chances of lazy people still using a security-relevant
    setting.
  4. Make the host configurable

    gagern authored and rvagg committed May 26, 2016
    The default behavior can be achieved by specifying `*`.
    It will correspond to `::` on an IPv6-enabled machine and `0.0.0.0`
    otherwise, which is the reason we don't use either of these as the default.
  5. Report actual address we're listening on

    gagern authored and rvagg committed May 26, 2016
    Telling the user that we're listening (only) on 127.0.0.1 when in fact we
    are listening on all available addresses can confuse users into thinking
    that running the service is more secure than it actually is.  Better to tell
    the user what host exactly we are listening on.  As far as I can tell,
    browsers accept having the zero address (:: or 0.0.0.0) pasted into their
    location bar, so it should still be possible to copy & paste the URL.
    
    One benefit is that we now only report the listening line when we have
    actually started listening, avoiding confusion when the web server is slow
    to start or when it fails to start after the message got printed.  Another
    benefit is that we can report the port number actually in use if the user
    set the port to zero.
Commits on May 31, 2016
  1. Configure Travis CI

    gagern authored and rvagg committed May 27, 2016
Commits on Dec 14, 2015
  1. 1.1.0

    rvagg committed Dec 14, 2015
  2. update deps

    rvagg committed Dec 14, 2015
  3. updated README

    asyncanup authored and rvagg committed Dec 12, 2015
  4. added mount url as command line option

    asyncanup authored and rvagg committed Dec 12, 2015
  5. updated README about CORS

    asyncanup authored and rvagg committed Dec 12, 2015
  6. added basic CORS functionality with tests

    asyncanup authored and rvagg committed Dec 12, 2015
Commits on Sep 29, 2015
  1. 1.0.0

    rvagg committed Sep 29, 2015
  2. only consider url path for dotted files w/dot option

    pmuellr authored and rvagg committed Sep 24, 2015
    For the dot option, st was searching the entire file name
    when looking for dotted path components, instead of searching
    the url path.
    
    fixes #67
Commits on Jul 28, 2015
  1. 0.5.5

    rvagg committed Jul 28, 2015
  2. update deps

    rvagg committed Jul 28, 2015
  3. Fix "no cache" resolution

    medikoo authored and rvagg committed Jul 28, 2015
    `none` was provided in direct form and modified afterwards,
    so next calls of st, modified `none` was reused
  4. Added test for a parent path This test ensures that a '..' path is al…

    ArtskydJ authored and rvagg committed Feb 19, 2015
    …lowed in the `path` option Also removed stray console.error
Commits on May 19, 2015
  1. v0.5.4

    isaacs committed May 19, 2015
  2. isc license

    isaacs committed May 19, 2015
Commits on Feb 14, 2015
  1. 0.5.3

    rvagg committed Feb 14, 2015
  2. more verbose error reporting

    rvagg committed Feb 14, 2015
  3. replace encoded slashes and backslashes with '/'

    makkedude authored and rvagg committed Feb 12, 2015
    For the served urls in the index. This fixes problems with '%2F' on windows
Commits on Sep 25, 2014
  1. 0.5.2

    rvagg committed Sep 25, 2014
Commits on Jun 18, 2014
  1. 0.5.1

    rvagg committed Jun 18, 2014