HISTORY

1.14.1 / 2019-05-10

  • Set stricter CSP header in redirect response

  • deps: send@0.17.1

    • deps: range-parser@~1.2.1

1.14.0 / 2019-05-07

  • deps: parseurl@~1.3.3

  • deps: send@0.17.0

    • deps: http-errors@~1.7.2

    • deps: mime@1.6.0

    • deps: ms@2.1.1

    • deps: statuses@~1.5.0

    • perf: remove redundant path.normalize call

1.13.2 / 2018-02-07

  • Fix incorrect end tag in redirects

  • deps: encodeurl@~1.0.2

    • Fix encoding % as last character

  • deps: send@0.16.2

    • deps: depd@~1.1.2

    • deps: encodeurl@~1.0.2

    • deps: statuses@~1.4.0

1.13.1 / 2017-09-29

  • Fix regression when root is incorrectly set to a file

  • deps: send@0.16.1

1.13.0 / 2017-09-27

  • deps: send@0.16.0

    • Add 70 new types for file extensions

    • Add immutable option

    • Fix missing </html> in default error & redirects

    • Set charset as "UTF-8" for .js and .json

    • Use instance methods on steam to check for listeners

    • deps: mime@1.4.1

    • perf: improve path validation speed

1.12.6 / 2017-09-22

  • deps: send@0.15.6

    • deps: debug@2.6.9

    • perf: improve If-Match token parsing

  • perf: improve slash collapsing

1.12.5 / 2017-09-21

  • deps: parseurl@~1.3.2

    • perf: reduce overhead for full URLs

    • perf: unroll the "fast-path" RegExp

  • deps: send@0.15.5

    • Fix handling of modified headers with invalid dates

    • deps: etag@~1.8.1

    • deps: fresh@0.5.2

1.12.4 / 2017-08-05

  • deps: send@0.15.4

    • deps: debug@2.6.8

    • deps: depd@~1.1.1

    • deps: http-errors@~1.6.2

1.12.3 / 2017-05-16

  • deps: send@0.15.3

    • deps: debug@2.6.7

1.12.2 / 2017-04-26

  • deps: send@0.15.2

    • deps: debug@2.6.4

1.12.1 / 2017-03-04

  • deps: send@0.15.1

    • Fix issue when Date.parse does not return NaN on invalid date

    • Fix strict violation in broken environments

1.12.0 / 2017-02-25

  • Send complete HTML document in redirect response

  • Set default CSP header in redirect response

  • deps: send@0.15.0

    • Fix false detection of no-cache request directive

    • Fix incorrect result when If-None-Match has both * and ETags

    • Fix weak ETag matching to match spec

    • Remove usage of res._headers private field

    • Support If-Match and If-Unmodified-Since headers

    • Use res.getHeaderNames() when available

    • Use res.headersSent when available

    • deps: debug@2.6.1

    • deps: etag@~1.8.0

    • deps: fresh@0.5.0

    • deps: http-errors@~1.6.1

1.11.2 / 2017-01-23

  • deps: send@0.14.2

    • deps: http-errors@~1.5.1

    • deps: ms@0.7.2

    • deps: statuses@~1.3.1

1.11.1 / 2016-06-10

  • Fix redirect error when req.url contains raw non-URL characters

  • deps: send@0.14.1

1.11.0 / 2016-06-07

  • Use status code 301 for redirects

  • deps: send@0.14.0

    • Add acceptRanges option

    • Add cacheControl option

    • Attempt to combine multiple ranges into single range

    • Correctly inherit from Stream class

    • Fix Content-Range header in 416 responses when using start/end options

    • Fix Content-Range header missing from default 416 responses

    • Ignore non-byte Range headers

    • deps: http-errors@~1.5.0

    • deps: range-parser@~1.2.0

    • deps: statuses@~1.3.0

    • perf: remove argument reassignment

1.10.3 / 2016-05-30

  • deps: send@0.13.2

    • Fix invalid Content-Type header when send.mime.default_type unset

1.10.2 / 2016-01-19

  • deps: parseurl@~1.3.1

    • perf: enable strict mode

1.10.1 / 2016-01-16

  • deps: escape-html@~1.0.3

    • perf: enable strict mode

    • perf: optimize string replacement

    • perf: use faster string coercion

  • deps: send@0.13.1

    • deps: depd@~1.1.0

    • deps: destroy@~1.0.4

    • deps: escape-html@~1.0.3

    • deps: range-parser@~1.0.3

1.10.0 / 2015-06-17

  • Add fallthrough option

    • Allows declaring this middleware is the final destination

    • Provides better integration with Express patterns

  • Fix reading options from options prototype

  • Improve the default redirect response headers

  • deps: escape-html@1.0.2

  • deps: send@0.13.0

    • Allow Node.js HTTP server to set Date response header

    • Fix incorrectly removing Content-Location on 304 response

    • Improve the default redirect response headers

    • Send appropriate headers on default error response

    • Use http-errors for standard emitted errors

    • Use statuses instead of http module for status messages

    • deps: escape-html@1.0.2

    • deps: etag@~1.7.0

    • deps: fresh@0.3.0

    • deps: on-finished@~2.3.0

    • perf: enable strict mode

    • perf: remove unnecessary array allocations

  • perf: enable strict mode

  • perf: remove argument reassignment

1.9.3 / 2015-05-14

  • deps: send@0.12.3

    • deps: debug@~2.2.0

    • deps: depd@~1.0.1

    • deps: etag@~1.6.0

    • deps: ms@0.7.1

    • deps: on-finished@~2.2.1

1.9.2 / 2015-03-14

  • deps: send@0.12.2

    • Throw errors early for invalid extensions or index options

    • deps: debug@~2.1.3

1.9.1 / 2015-02-17

  • deps: send@0.12.1

    • Fix regression sending zero-length files

1.9.0 / 2015-02-16

  • deps: send@0.12.0

    • Always read the stat size from the file

    • Fix mutating passed-in options

    • deps: mime@1.3.4

1.8.1 / 2015-01-20

  • Fix redirect loop in Node.js 0.11.14

  • deps: send@0.11.1

    • Fix root path disclosure

1.8.0 / 2015-01-05

  • deps: send@0.11.0

    • deps: debug@~2.1.1

    • deps: etag@~1.5.1

    • deps: ms@0.7.0

    • deps: on-finished@~2.2.0

1.7.2 / 2015-01-02

  • Fix potential open redirect when mounted at root

1.7.1 / 2014-10-22

  • deps: send@0.10.1

    • deps: on-finished@~2.1.1

1.7.0 / 2014-10-15

  • deps: send@0.10.0

    • deps: debug@~2.1.0

    • deps: depd@~1.0.0

    • deps: etag@~1.5.0

1.6.5 / 2015-02-04

  • Fix potential open redirect when mounted at root

    • Back-ported from v1.7.2

1.6.4 / 2014-10-08

  • Fix redirect loop when index file serving disabled

1.6.3 / 2014-09-24

  • deps: send@0.9.3

    • deps: etag@~1.4.0

1.6.2 / 2014-09-15

  • deps: send@0.9.2

    • deps: depd@0.4.5

    • deps: etag@~1.3.1

    • deps: range-parser@~1.0.2

1.6.1 / 2014-09-07

  • deps: send@0.9.1

    • deps: fresh@0.2.4

1.6.0 / 2014-09-07

  • deps: send@0.9.0

    • Add lastModified option

    • Use etag to generate ETag header

    • deps: debug@~2.0.0

1.5.4 / 2014-09-04

  • deps: send@0.8.5

    • Fix a path traversal issue when using root

    • Fix malicious path detection for empty string path

1.5.3 / 2014-08-17

  • deps: send@0.8.3

1.5.2 / 2014-08-14

  • deps: send@0.8.2

    • Work around fd leak in Node.js 0.10 for fs.ReadStream

1.5.1 / 2014-08-09

  • Fix parsing of weird req.originalUrl values

  • deps: parseurl@~1.3.0

  • deps: utils-merge@1.0.0

1.5.0 / 2014-08-05

  • deps: send@0.8.1

    • Add extensions option

1.4.4 / 2014-08-04

  • deps: send@0.7.4

    • Fix serving index files without root dir

1.4.3 / 2014-07-29

  • deps: send@0.7.3

    • Fix incorrect 403 on Windows and Node.js 0.11

1.4.2 / 2014-07-27

  • deps: send@0.7.2

    • deps: depd@0.4.4

1.4.1 / 2014-07-26

  • deps: send@0.7.1

    • deps: depd@0.4.3

1.4.0 / 2014-07-21

  • deps: parseurl@~1.2.0

    • Cache URLs based on original value

    • Remove no-longer-needed URL mis-parse work-around

    • Simplify the "fast-path" RegExp

  • deps: send@0.7.0

    • Add dotfiles option

    • deps: debug@1.0.4

    • deps: depd@0.4.2

1.3.2 / 2014-07-11

  • deps: send@0.6.0

    • Cap maxAge value to 1 year

    • deps: debug@1.0.3

1.3.1 / 2014-07-09

  • deps: parseurl@~1.1.3

    • faster parsing of href-only URLs

1.3.0 / 2014-06-28

  • Add setHeaders option

  • Include HTML link in redirect response

  • deps: send@0.5.0

    • Accept string for maxAge (converted by ms)

1.2.3 / 2014-06-11

  • deps: send@0.4.3

    • Do not throw un-catchable error on file open race condition

    • Use escape-html for HTML escaping

    • deps: debug@1.0.2

    • deps: finished@1.2.2

    • deps: fresh@0.2.2

1.2.2 / 2014-06-09

  • deps: send@0.4.2

    • fix "event emitter leak" warnings

    • deps: debug@1.0.1

    • deps: finished@1.2.1

1.2.1 / 2014-06-02

  • use escape-html for escaping

  • deps: send@0.4.1

    • Send max-age in Cache-Control in correct format

1.2.0 / 2014-05-29

  • deps: send@0.4.0

    • Calculate ETag with md5 for reduced collisions

    • Fix wrong behavior when index file matches directory

    • Ignore stream errors after request ends

    • Skip directories in index file search

    • deps: debug@0.8.1

1.1.0 / 2014-04-24

  • Accept options directly to send module

  • deps: send@0.3.0

1.0.4 / 2014-04-07

  • Resolve relative paths at middleware setup

  • Use parseurl to parse the URL from request

1.0.3 / 2014-03-20

  • Do not rely on connect-like environments

1.0.2 / 2014-03-06

  • deps: send@0.2.0

1.0.1 / 2014-03-05

  • Add mime export for back-compat

1.0.0 / 2014-03-05

  • Genesis from connect

Last updated