forked from zhurui/management
11 KiB
11 KiB
1.6.1
Fixes
1.6.0
Fixes
- Remove
agent: false
to allow usage ofglobalAgent
. Fixes #421
dependencies
- Update
url-parse
due to CVE-2022-0686, CVE-2022-0639, and CVE-2022-0512. Fixes #576 - Remove
json3
dependency. Fixes #476 - Update
eventsource
to1.1.0
- Update
faye-websocket
to0.11.4
- Update
debug
to3.2.7
devDependencies
- Update
follow-redirects
(devDep) due to CVE-2022-0536 and CVE-2022-0155 - Update
karma
(devDep) due to CVE-2022-0437 - Update
cached-path-relative
(devDep) due to CVE-2021-23518 - Update
fsevents
(devDep) to fix:ini
CVE-2020-7788minimist
CVE-2020-7598tar
CVE-2021-37713, CVE-2021-37701, CVE-2021-32804, CVE-2021-32803
- Update
copy-props
(devDep) due to CVE-2020-28503 - Update
eslint
,mocha
,gulp-replace
,karma-browserify
,gulp-sourcemaps
, andbrowserify
Other Changes
- Remove bower
- Remove Travis CI
- Require Node.js 12
1.5.2
- Update
url-parse
due to CVE-2021-3664.
1.5.1
- Update
url-parse
due to CVE-2021-27515.
1.5.0
- Update
url-parse
,kind-of
,minimist
,websocket-extensions
due to security vulnerabilies. - Update dev dependencies.
- Allow loopback address hostnames on a secure page. Fixes #486
- Enable eventsource transport for node.js clients.
1.4.0
- Add
timeout
option to set a minimum transport timeout. Fixes #403 - Update dev deps to fix security warnings from
npm audit
- Guard against null
this._transport
indebug
statement. Fixes #448
1.3.0
- Revert
debug
to^3
because v4 starts using ES6. Fixes #457
1.2.0
- Update all outdated dependencies
- Switch to karma and browserstack for running automated browser tests
1.1.5
- Wrap the the contentWindow access in a try/catch block when in setTimeout #363
- Revised example in README #356
- Fix connection close when Transport timeout #358
- Fixed crash with react-native@0.45.1 on Android #386
- Update jsDelivr link #404, #405
- Remove Sauce Labs unsupported browsers
- Add link to rust server implementation #411
- location.protocol should include final
:
#396
1.1.4
- Upgrade
debug
and fix object key literal mangling, fixes regression in Opera 11.10 #359 - Trim descriptions in package.json and bower.json - #372
1.1.3
- Bad publish to NPM (removed)
1.1.2
- Ensure both sender and receiver are cleaned upon close - #342
- Remove event listeners before calling
close
- #344 - Update documentation links - #351, #339, #316
- Explicitly export
undefined
whenWebSocket
does not exist. Fixes Webpack. #321 - Include
dist
folder on npm - #265 - Simplify build setup
- Update to Node.js 6.9
- Add sourcemap for minified version
- Remove unused String.trim shim
1.1.1
- Do not pass
protocols
oroptions
arguments to browser WebSocket constructor - #309
1.1.0
- Fix IE7/8 usage of
console.log
which does not haveapply
- #279 - Remove
dbg
global variable - #282 - Bump
faye-websocket
version to0.11.0
- #267 - Optimize
arguments
usage - #263 - Add sourcemap file to dist folder - #237
- Add way to transparently pass transport-specific options - #272
1.0.3
- Use
https
module for xhr requests in node when url uses https - #254
1.0.2
- Fix iframe info receiver url
- Move iframe.contentWindow check inside setTimeout - #246
1.0.1
- Use proper base url for iframe-based info receiver - #249
- Don't register unload event in chrome packaged app - #223
- Allow custom session ids - #250
- Remove version property from bower.json - #247
- Update example CDN url - #244
1.0.0
- Simplify url handling by delegating to
url-parse
- #242 - Upgrade to
url-parse
1.0.1 to fix colon issue if auth has no password
1.0.0-beta.13
- Transport timeout on connection should fallback - #238
1.0.0-beta.12
- Upgrade
url-parse
to 1.0.0 to fix #218 again
1.0.0-beta.10
- Upgrade
url-parse
to 0.2.3 to fix #222
1.0.0-beta.9
- Upgrade
url-parse
to 0.2.1 to fix 'too much recursion' errors
1.0.0-beta.8
- Upgrade
url-parse
to 0.2.0 to fix inheritance issues
1.0.0-beta.7
1.0.0-beta.6
- Upgrade
url-parse
to 0.1.3 to avoid CSP issues
1.0.0-beta.5
- Upgrade
url-parse
to 0.1.1 to fix #214
1.0.0-beta.4
- Upgrade
url-parse
to 0.1.0 andsockjs
to 0.3.11 - Update .npmignore
1.0.0-beta.3
- Move
debug
from devDependencies to dependencies
1.0.0-beta.2
- Relax requirements when using same origin XHR - #80
- Upgrade to JSON3 from JSON2 - #123
- Package library with browserify supporting the UMD pattern - #184
- Move tests to JavaScript
- Add Gulp.js build script
- Fix getOrigin for file:/// urls and standard ports - #173
- Add onerror event handlers to Websockets - #169
- Increase RTO lower bound to prevent spurious timeouts on IE8/9 - #161
- Use window.crypto for random values when available - #128
- Fix handling of listeners added and removed mid-dispatch - #127
- Fix XHR Streaming for IE8 - #83
- Remove explicit AMD name - #107
- Check for an empty response from /info request - #143
- Add Content-Type to XHR requests to fix issue over HTTPS on Galaxy S4 - #164
- Fix iframe fallback when message is sent from a popup in IE7/8 - #166
- Add support for query strings on the url - #72
- Now works inside of Web Workers - #181
- Support EventSource / Server Sent Events outside of iframes - #201
- Rename protocols to transports - #65
- Allow transports which need the body to trigger on 'interactive' readyState - #175
- try/catch access to document.domain - #187
- Use
window.location
instead ofdocument.location
- #195 - Allow usage from node.js with same API
0.3.4
- Mentioned njoyce's fork of sockjs-gevent.
- #90 - Don't catch onbeforeunload event - it breaks javascript:// links in IE.
- IE mangles 204 response code for 1223 on ajax, see: http://bugs.jquery.com/ticket/1450
- Make
new
optional for SockJS constructor (via substack). - It is impossible to cancel JSONP polling request - compensate for that.
- Refactored EventEmitter prototype (used only internally)
- #66 - Failure to post data to /xhr_send should kill the session
0.3.2
- #77 - Getting /info on modern browsers when html is served from file:// urls was broken.
0.3.1
- #61 - Meteor guys found that we unintentionally catch "onopen" errors.
- #63 - Meteorjs guys found that xhr-streaming on Safari sometimes left busy cursor running.
- Increased allowed time for websocket transport (from 1 rtt to 2), this should make ws transport more reliable over SSL, at the cost of slightly longer connection time for users with blocked ws.
- #57 - previous fix didn't really work, sockjs-client still left a mess in browsers history when using iframe transports. This is fixed now.
- #60 - Opera 12 (next) claims to do AJAX2 / CORS, but can't do xhr-streaming.
- #58 - onunload test sometimes failed on Safari on windows
- Updated readme WRT websocket protocols
- Updated readme WRT deployments on heroku
- Add minimalistic license block to every source file.
0.3.0
- Temporarily disabled iframe tests - they are failing unpredictably.
- #57 - pointing an iframe to "about:blank" during cleanup caused Opera to messup history.
- #55 - Improved iframe abstraction (reduced a possible mem leak)
- Refactored AJAX abstractions, for better CORS handing - again.
- Add additional parent origin security check to an iframe.
- Urls with hashes or query strings can't be passed to SockJS.
- #18 - Mention workaround for Firefox ESC key issue
- #53 - AMD compliance
- sockjs/sockjs-protocol#28 - always use square brackets for websocket frames
- #51 - initial support for IE10 - try XHR before XDR
- #28 - handle onunload / onbeforeunload in a more robust fashion
- #49 - support SockJS-client being used from files served from file:// urls.
0.2.1
- "smoke-latency.html" test was unnecesairly sending too much data.
- Bumped core dependencies (coffee-script and uglify-js)
- Minor updates to the README, few cosmetic changes in the code.
0.2.0
- The API had changed - use
protocols_whitelist
option instead of passing an array of protocols as a second argument to SockJS constructor. - Dropped 'chunking-test' functionality and replace it with 'info'.
- Rewritten protocol-choosing alogirthm, see "utils.detectProtocols" method.
- Use dynamic protocol timeouts based on RTT, not hardcoded 5 seconds
- #34 - Don't ever reuse
session_id
, especially when trying fallback protocols. - The test server got moved from SockJS-client to SockJS-node.
- Don't test unicode surrogates - it can't work in some environments.
- XHR/XDR helpers were rewritten, ajax transports were simplified.
- Added a domain check in the iframe to improve security.
- SockJS will now trigger 1002 error if there is a problem during handshake instead of 2000 error.
- Smoke-throughput test is renamed to smoke-latency.
0.1.2
- #29 - Allow all unicode characters to be send over SockJS.
- #15 - SockJS should now work fine even if the connection is started in HEAD, before BODY is loaded.
- #28 - In rare circumstances WebSocket connection can be left intact after the page is unloaded in FireFox.
- Updated scripts to work with Node 0.6.
- Initial work to do better QUnit testing.
- Updated the minifying script (always escape unicode chars, remove trailing comment).
- Use string instead of array of chars (utils.js:random_number_string).
0.1.1
- #21 Get JsonP transport working on IE9 (Vladimir Dronnikov).
- #26 Emit heartbeat event.
- #27 Include license inline.
0.1.0
- SockJS-client can only send UTF-8 encodable strings. Previously we
took advantage of rich data structures and automatically
json-encoded them, but this got removed. Now, all data passed to
send
will be converted to string. This is also how native status
property onEventClose
is renamed tocode
as per Websocket API WebSockets behave.- The test server was updated to new
sockjs-node
API - Fixed problem with Jsonp-polling transport on IE9
- Repository was moved - updated links.
0.0.4
- All transports were refactored, some transports were introduced: htmlfile and separate xhr-streaming.
- Added logic to detect support for http chunking, and thus a possibility to rule out streaming transports before running them.
- Added 'cookie' option, useful for cookie-based load balancing (currently, it make a difference only for IE).
- Added hack to prevent EventSource from crashing Safari and Chrome.
- Loads and loads of other small and medium changes.
0.0.2
- Initial support for JSESSIONID based load balancing. Currently doesn't play nicely with IE XDomainRequest transport.
0.0.1
- Initial release.