Release 3.0.0rc2

Fixed double inclusion of methods in mvc example

History.md

@@ -1,4 +1,13 @@
 
+3.0.0rc2 / 2012-08-03 
+==================
+
+  * add CORS example
+  * update connect dep
+  * deprecate `.createServer()` & remove old stale examples
+  * fix: escape `res.redirect()` link
+  * fix vhost example
+
 3.0.0rc1 / 2012-07-24 
 ==================
 

Makefile

@@ -2,15 +2,6 @@
 MOCHA_OPTS=
 REPORTER = dot
 
-docs: docs/express.md
-
-docs/express.md: docs/application.md docs/request.md docs/response.md
-	cat $^ > $@
-
-docs/%.md: lib/%.js
-	@mkdir -p docs
-	dox --raw < $< | ./support/docs > $@
-
 check: test
 
 test: test-unit test-acceptance
@@ -32,10 +23,7 @@ test-cov: lib-cov
 lib-cov:
 	@jscoverage lib lib-cov
 
-docclean:
-	rm -fr docs
-
 benchmark:
 	@./support/bench
 
-.PHONY: docs docclean test test-unit test-acceptance benchmark
+.PHONY: test test-unit test-acceptance benchmark

docs/application.md

@@ -1,181 +0,0 @@
-
-# app
-
-  Application prototype.
-
-# app.use()
-
-  Proxy `connect#use()` to apply settings to
-  mounted applications.
-
-# app.engine()
-
-  Register the given template engine callback `fn`
-  as `ext`.
-  
-  By default will `require()` the engine based on the
-  file extension. For example if you try to render
-  a "foo.jade" file Express will invoke the following internally:
-  
-      app.engine('jade', require('jade').__express);
-  
-  For engines that do not provide `.__express` out of the box,
-  or if you wish to "map" a different extension to the template engine
-  you may use this method. For example mapping the EJS template engine to
-  ".html" files
-  
-      app.engine('html', require('ejs').renderFile);
-  
-  In this case EJS provides a `.renderFile()` method with
-  the same signature that Express expects: `(path, options, callback)`,
-  though note that it aliases this method as `ejs.__express` internally
-  so if you're using ".ejs" extensions you dont need to do anything.
-  
-  Some template engines do not follow this convention, the
-  [Consolidate.js](https://github.com/visionmedia/consolidate.js)
-  library was created to map all of node's popular template
-  engines to follow this convention, thus allowing them to
-  work seemlessly within Express.
-
-# app.param()
-
-  Map the given param placeholder `name`(s) to the given callback(s).
-  
-  Parameter mapping is used to provide pre-conditions to routes
-  which use normalized placeholders. For example a _:user_id_ parameter
-  could automatically load a user's information from the database without
-  any additional code,
-  
-  The callback uses the samesignature as middleware, the only differencing
-  being that the value of the placeholder is passed, in this case the _id_
-  of the user. Once the `next()` function is invoked, just like middleware
-  it will continue on to execute the route, or subsequent parameter functions.
-  
-       app.param('user_id', function(req, res, next, id){
-         User.find(id, function(err, user){
-           if (err) {
-             next(err);
-           } else if (user) {
-             req.user = user;
-             next();
-           } else {
-             next(new Error('failed to load user'));
-           }
-         });
-       });
-
-# app.set()
-
-  Assign `setting` to `val`, or return `setting`'s value.
-  
-     app.set('foo', 'bar');
-     app.get('foo');
-     // => "bar"
-  
-  Mounted servers inherit their parent server's settings.
-
-# app.enabled()
-
-  Check if `setting` is enabled (truthy).
-  
-     app.enabled('foo')
-     // => false
-  
-     app.enable('foo')
-     app.enabled('foo')
-     // => true
-
-# app.disabled()
-
-  Check if `setting` is disabled.
-  
-     app.disabled('foo')
-     // => true
-  
-     app.enable('foo')
-     app.disabled('foo')
-     // => false
-
-# app.enable()
-
-  Enable `setting`.
-
-# app.disable()
-
-  Disable `setting`.
-
-# app.configure()
-
-  Configure callback for zero or more envs,
-  when no `env` is specified that callback will
-  be invoked for all environments. Any combination
-  can be used multiple times, in any order desired.
-  
-  ## Examples
-  
-     app.configure(function(){
-       // executed for all envs
-     });
-  
-     app.configure('stage', function(){
-       // executed staging env
-     });
-  
-     app.configure('stage', 'production', function(){
-       // executed for stage and production
-     });
-  
-  ## Note
-  
-   These callbacks are invoked immediately, and
-   are effectively sugar for the following.
-  
-      var env = process.env.NODE_ENV || 'development';
-  
-       switch (env) {
-         case 'development':
-           ...
-           break;
-         case 'stage':
-           ...
-           break;
-         case 'production':
-           ...
-           break;
-       }
-
-# app.all()
-
-  Special-cased "all" method, applying the given route `path`,
-  middleware, and callback to _every_ HTTP method.
-
-# app.render()
-
-  Render the given view `name` name with `options`
-  and a callback accepting an error and the
-  rendered template string.
-  
-  ## Example
-  
-     app.render('email', { name: 'Tobi' }, function(err, html){
-       // ...
-     })
-
-# app.listen()
-
-  Listen for connections.
-  
-  A node `http.Server` is returned, with this
-  application (which is a `Function`) as its
-  callback. If you wish to create both an HTTP
-  and HTTPS server you may do so with the "http"
-  and "https" modules as shown here.
-  
-     var http = require('http')
-       , https = require('https')
-       , express = require('express')
-       , app = express();
-  
-     http.createServer(app).listen(80);
-     http.createServer({ ... }, app).listen(443);
-

docs/express.md

@@ -1,506 +0,0 @@
-
-# app
-
-  Application prototype.
-
-# app.use()
-
-  Proxy `connect#use()` to apply settings to
-  mounted applications.
-
-# app.engine()
-
-  Register the given template engine callback `fn`
-  as `ext`.
-  
-  By default will `require()` the engine based on the
-  file extension. For example if you try to render
-  a "foo.jade" file Express will invoke the following internally:
-  
-      app.engine('jade', require('jade').__express);
-  
-  For engines that do not provide `.__express` out of the box,
-  or if you wish to "map" a different extension to the template engine
-  you may use this method. For example mapping the EJS template engine to
-  ".html" files
-  
-      app.engine('html', require('ejs').renderFile);
-  
-  In this case EJS provides a `.renderFile()` method with
-  the same signature that Express expects: `(path, options, callback)`,
-  though note that it aliases this method as `ejs.__express` internally
-  so if you're using ".ejs" extensions you dont need to do anything.
-  
-  Some template engines do not follow this convention, the
-  [Consolidate.js](https://github.com/visionmedia/consolidate.js)
-  library was created to map all of node's popular template
-  engines to follow this convention, thus allowing them to
-  work seemlessly within Express.
-
-# app.param()
-
-  Map the given param placeholder `name`(s) to the given callback(s).
-  
-  Parameter mapping is used to provide pre-conditions to routes
-  which use normalized placeholders. For example a _:user_id_ parameter
-  could automatically load a user's information from the database without
-  any additional code,
-  
-  The callback uses the samesignature as middleware, the only differencing
-  being that the value of the placeholder is passed, in this case the _id_
-  of the user. Once the `next()` function is invoked, just like middleware
-  it will continue on to execute the route, or subsequent parameter functions.
-  
-       app.param('user_id', function(req, res, next, id){
-         User.find(id, function(err, user){
-           if (err) {
-             next(err);
-           } else if (user) {
-             req.user = user;
-             next();
-           } else {
-             next(new Error('failed to load user'));
-           }
-         });
-       });
-
-# app.set()
-
-  Assign `setting` to `val`, or return `setting`'s value.
-  
-     app.set('foo', 'bar');
-     app.get('foo');
-     // => "bar"
-  
-  Mounted servers inherit their parent server's settings.
-
-# app.enabled()
-
-  Check if `setting` is enabled (truthy).
-  
-     app.enabled('foo')
-     // => false
-  
-     app.enable('foo')
-     app.enabled('foo')
-     // => true
-
-# app.disabled()
-
-  Check if `setting` is disabled.
-  
-     app.disabled('foo')
-     // => true
-  
-     app.enable('foo')
-     app.disabled('foo')
-     // => false
-
-# app.enable()
-
-  Enable `setting`.
-
-# app.disable()
-
-  Disable `setting`.
-
-# app.configure()
-
-  Configure callback for zero or more envs,
-  when no `env` is specified that callback will
-  be invoked for all environments. Any combination
-  can be used multiple times, in any order desired.
-  
-  ## Examples
-  
-     app.configure(function(){
-       // executed for all envs
-     });
-  
-     app.configure('stage', function(){
-       // executed staging env
-     });
-  
-     app.configure('stage', 'production', function(){
-       // executed for stage and production
-     });
-  
-  ## Note
-  
-   These callbacks are invoked immediately, and
-   are effectively sugar for the following.
-  
-      var env = process.env.NODE_ENV || 'development';
-  
-       switch (env) {
-         case 'development':
-           ...
-           break;
-         case 'stage':
-           ...
-           break;
-         case 'production':
-           ...
-           break;
-       }
-
-# app.all()
-
-  Special-cased "all" method, applying the given route `path`,
-  middleware, and callback to _every_ HTTP method.
-
-# app.render()
-
-  Render the given view `name` name with `options`
-  and a callback accepting an error and the
-  rendered template string.
-  
-  ## Example
-  
-     app.render('email', { name: 'Tobi' }, function(err, html){
-       // ...
-     })
-
-# app.listen()
-
-  Listen for connections.
-  
-  A node `http.Server` is returned, with this
-  application (which is a `Function`) as its
-  callback. If you wish to create both an HTTP
-  and HTTPS server you may do so with the "http"
-  and "https" modules as shown here.
-  
-     var http = require('http')
-       , https = require('https')
-       , express = require('express')
-       , app = express();
-  
-     http.createServer(app).listen(80);
-     http.createServer({ ... }, app).listen(443);
-
-
-# req
-
-  Request prototype.
-
-# req.get
-
-  Return request header.
-  
-  The `Referrer` header field is special-cased,
-  both `Referrer` and `Referer` are interchangeable.
-  
-  ## Examples
-  
-      req.get('Content-Type');
-      // => "text/plain"
-      
-      req.get('content-type');
-      // => "text/plain"
-      
-      req.get('Something');
-      // => undefined
-  
-  Aliased as `req.header()`.
-
-# req.accepts()
-
-  Check if the given `type(s)` is acceptable, returning
-  the best match when true, otherwise `undefined`, in which
-  case you should respond with 406 "Not Acceptable".
-  
-  The `type` value may be a single mime type string
-  such as "application/json", the extension name
-  such as "json", a comma-delimted list such as "json, html, text/plain",
-  or an array `["json", "html", "text/plain"]`. When a list
-  or array is given the _best_ match, if any is returned.
-  
-  ## Examples
-  
-      // Accept: text/html
-      req.accepts('html');
-      // => "html"
-  
-      // Accept: text/*, application/json
-      req.accepts('html');
-      // => "html"
-      req.accepts('text/html');
-      // => "text/html"
-      req.accepts('json, text');
-      // => "json"
-      req.accepts('application/json');
-      // => "application/json"
-  
-      // Accept: text/*, application/json
-      req.accepts('image/png');
-      req.accepts('png');
-      // => undefined
-  
-      // Accept: text/*;q=.5, application/json
-      req.accepts(['html', 'json']);
-      req.accepts('html, json');
-      // => "json"
-
-# req.acceptsCharset()
-
-  Check if the given `charset` is acceptable,
-  otherwise you should respond with 406 "Not Acceptable".
-
-# req.acceptsLanguage()
-
-  Check if the given `lang` is acceptable,
-  otherwise you should respond with 406 "Not Acceptable".
-
-# req.param()
-
-  Return the value of param `name` when present or `defaultValue`.
-  
-   - Checks route placeholders, ex: _/user/:id_
-   - Checks body params, ex: id=12, {"id":12}
-   - Checks query string params, ex: ?id=12
-  
-  To utilize request bodies, `req.body`
-  should be an object. This can be done by using
-  the `connect.bodyParser()` middleware.
-
-# req.is()
-
-  Check if the incoming request contains the "Content-Type" 
-  header field, and it contains the give mime `type`.
-  
-  ## Examples
-  
-       // With Content-Type: text/html; charset=utf-8
-       req.is('html');
-       req.is('text/html');
-       req.is('text/*');
-       // => true
-      
-       // When Content-Type is application/json
-       req.is('json');
-       req.is('application/json');
-       req.is('application/*');
-       // => true
-      
-       req.is('html');
-       // => false
-
-
-# res
-
-  Response prototype.
-
-# res.status()
-
-  Set status `code`.
-
-# res.send()
-
-  Send a response.
-  
-  ## Examples
-  
-      res.send(new Buffer('wahoo'));
-      res.send({ some: 'json' });
-      res.send('<p>some html</p>');
-      res.send(404, 'Sorry, cant find that');
-      res.send(404);
-
-# res.json()
-
-  Send JSON response.
-  
-  ## Examples
-  
-      res.json(null);
-      res.json({ user: 'tj' });
-      res.json(500, 'oh noes!');
-      res.json(404, 'I dont have that');
-
-# res.sendfile()
-
-  Transfer the file at the given `path`.
-  
-  Automatically sets the _Content-Type_ response header field.
-  The callback `fn(err)` is invoked when the transfer is complete
-  or when an error occurs. Be sure to check `res.sentHeader`
-  if you wish to attempt responding, as the header and some data
-  may have already been transferred.
-  
-  ## Options
-  
-    - `maxAge` defaulting to 0
-    - `root`   root directory for relative filenames
-  
-  ## Examples
-  
-   The following example illustrates how `res.sendfile()` may
-   be used as an alternative for the `static()` middleware for
-   dynamic situations. The code backing `res.sendfile()` is actually
-   the same code, so HTTP cache support etc is identical.
-  
-      app.get('/user/:uid/photos/:file', function(req, res){
-        var uid = req.params.uid
-          , file = req.params.file;
-      
-        req.user.mayViewFilesFrom(uid, function(yes){
-          if (yes) {
-            res.sendfile('/uploads/' + uid + '/' + file);
-          } else {
-            res.send(403, 'Sorry! you cant see that.');
-          }
-        });
-      });
-
-# res.download()
-
-  Transfer the file at the given `path` as an attachment.
-  
-  Optionally providing an alternate attachment `filename`,
-  and optional callback `fn(err)`. The callback is invoked
-  when the data transfer is complete, or when an error has
-  ocurred. Be sure to check `res.headerSent` if you plan to respond.
-  
-  This method uses `res.sendfile()`.
-
-# res.format()
-
-  Respond to the Acceptable formats using an `obj`
-  of mime-type callbacks.
-  
-  This method uses `req.accepted`, an array of
-  acceptable types ordered by their quality values.
-  When "Accept" is not present the _first_ callback
-  is invoked, otherwise the first match is used. When
-  no match is performed the server responds with
-  406 "Not Acceptable".
-  
-  Content-Type is set for you, however if you choose
-  you may alter this within the callback using `res.type()`
-  or `res.set('Content-Type', ...)`.
-  
-     res.format({
-       'text/plain': function(){
-         res.send('hey');
-       },
-     
-       'text/html': function(){
-         res.send('<p>hey</p>');
-       },
-     
-       'appliation/json': function(){
-         res.send({ message: 'hey' });
-       }
-     });
-  
-  In addition to canonicalized MIME types you may
-  also use extnames mapped to these types:
-  
-     res.format({
-       text: function(){
-         res.send('hey');
-       },
-     
-       html: function(){
-         res.send('<p>hey</p>');
-       },
-     
-       json: function(){
-         res.send({ message: 'hey' });
-       }
-     });
-  
-  By default Express passes an `Error`
-  with a `.status` of 406 to `next(err)`
-  if a match is not made, however you may
-  provide an optional callback `fn` to
-  be invoked instead.
-
-# res.attachment()
-
-  Set _Content-Disposition_ header to _attachment_ with optional `filename`.
-
-# res.set
-
-  Set header `field` to `val`, or pass
-  an object of header fields.
-  
-  ## Examples
-  
-     res.set('Accept', 'application/json');
-     res.set({ Accept: 'text/plain', 'X-API-Key': 'tobi' });
-  
-  Aliased as `res.header()`.
-
-# res.get()
-
-  Get value for header `field`.
-
-# res.clearCookie()
-
-  Clear cookie `name`.
-
-# res.cookie()
-
-  Set cookie `name` to `val`, with the given `options`.
-  
-  ## Options
-  
-     - `maxAge`   max-age in milliseconds, converted to `expires`
-     - `signed`   sign the cookie
-     - `path`     defaults to "/"
-  
-  ## Examples
-  
-     // "Remember Me" for 15 minutes
-     res.cookie('rememberme', '1', { expires: new Date(Date.now() + 900000), httpOnly: true });
-  
-     // save as above
-     res.cookie('rememberme', '1', { maxAge: 900000, httpOnly: true })
-
-# res.redirect()
-
-  Redirect to the given `url` with optional response `status`
-  defaulting to 302.
-  
-  The given `url` can also be the name of a mapped url, for
-  example by default express supports "back" which redirects
-  to the _Referrer_ or _Referer_ headers or "/".
-  
-  ## Examples
-  
-     res.redirect('/foo/bar');
-     res.redirect('http://example.com');
-     res.redirect(301, 'http://example.com');
-     res.redirect('../login'); // /blog/post/1 -> /blog/login
-  
-  ## Mounting
-  
-    When an application is mounted, and `res.redirect()`
-    is given a path that does _not_ lead with "/". For 
-    example suppose a "blog" app is mounted at "/blog",
-    the following redirect would result in "/blog/login":
-  
-       res.redirect('login');
-  
-    While the leading slash would result in a redirect to "/login":
-  
-       res.redirect('/login');
-
-# res.render()
-
-  Render `view` with the given `options` and optional callback `fn`.
-  When a callback function is given a response will _not_ be made
-  automatically, otherwise a response of _200_ and _text/html_ is given.
-  
-  ## Options
-   
-   - `status`    Response status code (`res.statusCode`)
-   - `charset`   Set the charset (`res.charset`)
-  
-  ## Reserved locals
-  
-   - `cache`     boolean hinting to the engine it should cache
-   - `filename`  filename of the view being rendered
-

docs/request.md

@@ -1,107 +0,0 @@
-
-# req
-
-  Request prototype.
-
-# req.get
-
-  Return request header.
-  
-  The `Referrer` header field is special-cased,
-  both `Referrer` and `Referer` are interchangeable.
-  
-  ## Examples
-  
-      req.get('Content-Type');
-      // => "text/plain"
-      
-      req.get('content-type');
-      // => "text/plain"
-      
-      req.get('Something');
-      // => undefined
-  
-  Aliased as `req.header()`.
-
-# req.accepts()
-
-  Check if the given `type(s)` is acceptable, returning
-  the best match when true, otherwise `undefined`, in which
-  case you should respond with 406 "Not Acceptable".
-  
-  The `type` value may be a single mime type string
-  such as "application/json", the extension name
-  such as "json", a comma-delimted list such as "json, html, text/plain",
-  or an array `["json", "html", "text/plain"]`. When a list
-  or array is given the _best_ match, if any is returned.
-  
-  ## Examples
-  
-      // Accept: text/html
-      req.accepts('html');
-      // => "html"
-  
-      // Accept: text/*, application/json
-      req.accepts('html');
-      // => "html"
-      req.accepts('text/html');
-      // => "text/html"
-      req.accepts('json, text');
-      // => "json"
-      req.accepts('application/json');
-      // => "application/json"
-  
-      // Accept: text/*, application/json
-      req.accepts('image/png');
-      req.accepts('png');
-      // => undefined
-  
-      // Accept: text/*;q=.5, application/json
-      req.accepts(['html', 'json']);
-      req.accepts('html, json');
-      // => "json"
-
-# req.acceptsCharset()
-
-  Check if the given `charset` is acceptable,
-  otherwise you should respond with 406 "Not Acceptable".
-
-# req.acceptsLanguage()
-
-  Check if the given `lang` is acceptable,
-  otherwise you should respond with 406 "Not Acceptable".
-
-# req.param()
-
-  Return the value of param `name` when present or `defaultValue`.
-  
-   - Checks route placeholders, ex: _/user/:id_
-   - Checks body params, ex: id=12, {"id":12}
-   - Checks query string params, ex: ?id=12
-  
-  To utilize request bodies, `req.body`
-  should be an object. This can be done by using
-  the `connect.bodyParser()` middleware.
-
-# req.is()
-
-  Check if the incoming request contains the "Content-Type" 
-  header field, and it contains the give mime `type`.
-  
-  ## Examples
-  
-       // With Content-Type: text/html; charset=utf-8
-       req.is('html');
-       req.is('text/html');
-       req.is('text/*');
-       // => true
-      
-       // When Content-Type is application/json
-       req.is('json');
-       req.is('application/json');
-       req.is('application/*');
-       // => true
-      
-       req.is('html');
-       // => false
-

docs/response.md

@@ -1,218 +0,0 @@
-
-# res
-
-  Response prototype.
-
-# res.status()
-
-  Set status `code`.
-
-# res.send()
-
-  Send a response.
-  
-  ## Examples
-  
-      res.send(new Buffer('wahoo'));
-      res.send({ some: 'json' });
-      res.send('<p>some html</p>');
-      res.send(404, 'Sorry, cant find that');
-      res.send(404);
-
-# res.json()
-
-  Send JSON response.
-  
-  ## Examples
-  
-      res.json(null);
-      res.json({ user: 'tj' });
-      res.json(500, 'oh noes!');
-      res.json(404, 'I dont have that');
-
-# res.sendfile()
-
-  Transfer the file at the given `path`.
-  
-  Automatically sets the _Content-Type_ response header field.
-  The callback `fn(err)` is invoked when the transfer is complete
-  or when an error occurs. Be sure to check `res.sentHeader`
-  if you wish to attempt responding, as the header and some data
-  may have already been transferred.
-  
-  ## Options
-  
-    - `maxAge` defaulting to 0
-    - `root`   root directory for relative filenames
-  
-  ## Examples
-  
-   The following example illustrates how `res.sendfile()` may
-   be used as an alternative for the `static()` middleware for
-   dynamic situations. The code backing `res.sendfile()` is actually
-   the same code, so HTTP cache support etc is identical.
-  
-      app.get('/user/:uid/photos/:file', function(req, res){
-        var uid = req.params.uid
-          , file = req.params.file;
-      
-        req.user.mayViewFilesFrom(uid, function(yes){
-          if (yes) {
-            res.sendfile('/uploads/' + uid + '/' + file);
-          } else {
-            res.send(403, 'Sorry! you cant see that.');
-          }
-        });
-      });
-
-# res.download()
-
-  Transfer the file at the given `path` as an attachment.
-  
-  Optionally providing an alternate attachment `filename`,
-  and optional callback `fn(err)`. The callback is invoked
-  when the data transfer is complete, or when an error has
-  ocurred. Be sure to check `res.headerSent` if you plan to respond.
-  
-  This method uses `res.sendfile()`.
-
-# res.format()
-
-  Respond to the Acceptable formats using an `obj`
-  of mime-type callbacks.
-  
-  This method uses `req.accepted`, an array of
-  acceptable types ordered by their quality values.
-  When "Accept" is not present the _first_ callback
-  is invoked, otherwise the first match is used. When
-  no match is performed the server responds with
-  406 "Not Acceptable".
-  
-  Content-Type is set for you, however if you choose
-  you may alter this within the callback using `res.type()`
-  or `res.set('Content-Type', ...)`.
-  
-     res.format({
-       'text/plain': function(){
-         res.send('hey');
-       },
-     
-       'text/html': function(){
-         res.send('<p>hey</p>');
-       },
-     
-       'appliation/json': function(){
-         res.send({ message: 'hey' });
-       }
-     });
-  
-  In addition to canonicalized MIME types you may
-  also use extnames mapped to these types:
-  
-     res.format({
-       text: function(){
-         res.send('hey');
-       },
-     
-       html: function(){
-         res.send('<p>hey</p>');
-       },
-     
-       json: function(){
-         res.send({ message: 'hey' });
-       }
-     });
-  
-  By default Express passes an `Error`
-  with a `.status` of 406 to `next(err)`
-  if a match is not made, however you may
-  provide an optional callback `fn` to
-  be invoked instead.
-
-# res.attachment()
-
-  Set _Content-Disposition_ header to _attachment_ with optional `filename`.
-
-# res.set
-
-  Set header `field` to `val`, or pass
-  an object of header fields.
-  
-  ## Examples
-  
-     res.set('Accept', 'application/json');
-     res.set({ Accept: 'text/plain', 'X-API-Key': 'tobi' });
-  
-  Aliased as `res.header()`.
-
-# res.get()
-
-  Get value for header `field`.
-
-# res.clearCookie()
-
-  Clear cookie `name`.
-
-# res.cookie()
-
-  Set cookie `name` to `val`, with the given `options`.
-  
-  ## Options
-  
-     - `maxAge`   max-age in milliseconds, converted to `expires`
-     - `signed`   sign the cookie
-     - `path`     defaults to "/"
-  
-  ## Examples
-  
-     // "Remember Me" for 15 minutes
-     res.cookie('rememberme', '1', { expires: new Date(Date.now() + 900000), httpOnly: true });
-  
-     // save as above
-     res.cookie('rememberme', '1', { maxAge: 900000, httpOnly: true })
-
-# res.redirect()
-
-  Redirect to the given `url` with optional response `status`
-  defaulting to 302.
-  
-  The given `url` can also be the name of a mapped url, for
-  example by default express supports "back" which redirects
-  to the _Referrer_ or _Referer_ headers or "/".
-  
-  ## Examples
-  
-     res.redirect('/foo/bar');
-     res.redirect('http://example.com');
-     res.redirect(301, 'http://example.com');
-     res.redirect('../login'); // /blog/post/1 -> /blog/login
-  
-  ## Mounting
-  
-    When an application is mounted, and `res.redirect()`
-    is given a path that does _not_ lead with "/". For 
-    example suppose a "blog" app is mounted at "/blog",
-    the following redirect would result in "/blog/login":
-  
-       res.redirect('login');
-  
-    While the leading slash would result in a redirect to "/login":
-  
-       res.redirect('/login');
-
-# res.render()
-
-  Render `view` with the given `options` and optional callback `fn`.
-  When a callback function is given a response will _not_ be made
-  automatically, otherwise a response of _200_ and _text/html_ is given.
-  
-  ## Options
-   
-   - `status`    Response status code (`res.statusCode`)
-   - `charset`   Set the charset (`res.charset`)
-  
-  ## Reserved locals
-  
-   - `cache`     boolean hinting to the engine it should cache
-   - `filename`  filename of the view being rendered
-

examples/cors/index.js

@@ -0,0 +1,45 @@
+
+/**
+ * Module dependencies.
+ */
+
+var express = require('../..')
+  , app = express()
+  , api = express();
+
+// app middleware
+
+app.use(express.static(__dirname + '/public'));
+
+// api middleware
+
+api.use(express.logger('dev'));
+api.use(express.bodyParser());
+
+/**
+ * CORS support.
+ */
+
+api.all('*', function(req, res, next){
+  // use "*" here to accept any origin
+  res.set('Access-Control-Allow-Origin', 'http://localhost:3000');
+  res.set('Access-Control-Allow-Methods', 'GET, POST');
+  res.set('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type');
+  // res.set('Access-Control-Allow-Max-Age', 3600);
+  next();
+});
+
+/**
+ * POST a user.
+ */
+
+api.post('/user', function(req, res){
+  console.log(req.body);
+  res.send(201);
+});
+
+app.listen(3000);
+api.listen(3001);
+
+console.log('app listening on 3000');
+console.log('api listening on 3001');

examples/cors/public/index.html

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html>
+  <body>
+    <script>
+      var req = new XMLHttpRequest;
+      req.open('POST', 'http://localhost:3001/user', false);
+      req.setRequestHeader('Content-Type', 'application/json');
+      req.send('{"name":"tobi","species":"ferret"}');
+      console.log(req.responseText);
+    </script>
+  </body>
+</html>

examples/jade/index.js

@@ -9,10 +9,9 @@ var express = require('../../lib/express');
 
 var pub = __dirname + '/public';
 
-// Auto-compile sass to css with "compiler"
-// and then serve with connect's staticProvider
+// setup middleware
 
-var app = express.createServer();
+var app = express();
 app.use(app.router);
 app.use(express.static(pub));
 app.use(express.errorHandler());

examples/mvc/lib/boot.js

@@ -37,7 +37,6 @@ module.exports = function(parent, options){
         case 'show':
           method = 'get';
           path = '/' + name + '/:' + name + '_id';
-          app[method](path, obj[key]);
           break;
         case 'list':
           method = 'get';

examples/partials/app.js

@@ -1,32 +0,0 @@
-
-/**
- * Module dependencies.
- */
-
-var express = require('../../lib/express');
-
-var app = express.createServer();
-
-// Optional since express defaults to CWD/views
-
-app.set('views', __dirname + '/views');
-
-// Set our default template engine to "jade"
-// which prevents the need for extensions
-// (although you can still mix and match)
-app.set('view engine', 'jade');
-
-// Dummy record
-var ninja = {
-  name: 'leonardo',
-  summary: { email: 'hunter.loftis+github@gmail.com', master: 'splinter', description: 'peaceful leader' },
-  weapons: ['katana', 'fists', 'shell'],
-  victims: ['shredder', 'brain', 'beebop', 'rocksteady']
-};
-
-app.get('/', function(req, res){
-  res.render('ninja', { ninja: ninja });
-});
-
-app.listen(3000);
-console.log('Express app started on port 3000');

examples/partials/views/layout.jade

@@ -1,5 +0,0 @@
-!!!
-html
-  head
-    title Partials Example
-  body!= body

examples/partials/views/li.jade

@@ -1 +0,0 @@
-li= value

examples/partials/views/ninja/_weapon.jade

@@ -1 +0,0 @@
-li.weapon= weapon

examples/partials/views/ninja/index.jade

@@ -1,22 +0,0 @@
-h1= ninja.name
-
-// file, partial name, and partial object all match ('summary')
-// the partial filename prefix '_' is completely optional.
-
-// In this case we need to specify ninja.summary as the object
-// option, since it is a "plain" object Express cannot otherwise
-// tell if it is intended to be locals, or THE summary object
-#summary!= partial('summary', { object: ninja.summary })
-
-// file, partial name = '_weapon', resolves to 'weapon' object within partial
-#weapons
-  h2 Weapons
-  // the weapon partial is rendered once per item in
-  // the weapons array or "collection"
-  ul!= partial('weapon', ninja.weapons)
-  
-// partial name 'victim' resolves to 'victim.jade'
-// or 'victim/index.jade', providing the "victim" local
-#victims
-  h2 Victims
-  ul!= partial('victim', ninja.victims)

examples/partials/views/ninja/summary.jade

@@ -1,4 +0,0 @@
-h2 Summary
-p= summary.email
-p= summary.description
-p taught by master #{summary.master}

examples/partials/views/ninja/victim/index.jade

@@ -1,5 +0,0 @@
-// this is insane overkill, I do not recommend
-// doing tiny partials like this as it gets expensive
-// with collections, however this illustrates the new
-// partial lookup mechanism
-!= partial('../../li', { object: victim, as: 'value' })

examples/route-middleware/index.js

@@ -4,7 +4,7 @@
 
 var express = require('../../lib/express');
 
-var app = express.createServer();
+var app = express();
 
 // Example requests:
 //     curl http://localhost:3000/user/0

examples/route-separation/index.js

@@ -3,8 +3,8 @@
  * Module dependencies.
  */
 
-var express = require('../../lib/express')
-  , app = express.createServer()
+var express = require('../..')
+  , app = express()
   , site = require('./site')
   , post = require('./post')
   , user = require('./user');

examples/say/app.js

@@ -1,44 +0,0 @@
-
-/**
- * Module dependencies.
- */
-
-var express = require('../../')
-  , path = require('path')
-  , exec = require('child_process').exec
-  , fs = require('fs');
-
-/**
- * Error handler.
- */
-
-function errorHandler(voice) {
-  return function(err, req, res, next) {
-    var parts = err.stack.split('\n')[1].split(/[()]/)[1].split(':')
-      , filename = parts.shift()
-      , basename = path.basename(filename)
-      , lineno = parts.shift()
-      , col = parts.shift()
-      , lines = fs.readFileSync(filename, 'utf8').split('\n')
-      , line = lines[lineno - 1].replace(/\./, ' ');
-
-    exec('say -v "' + voice + '" '
-      + err.message
-      + ' on line ' + lineno
-      + ' of ' + basename + '.'
-      + ' The contents of this line is '
-      + ' "' + line + '".');
-
-    res.send(500);
-  }
-}
-
-var app = express.createServer();
-
-app.get('/', function(request, response){
-  if (request.is(foo)) response.end('bar');
-});
-
-app.use(errorHandler('Vicki'));
-
-app.listen(3000);

examples/stylus/app.js

@@ -1,51 +0,0 @@
-
-/**
- * Module dependencies.
- */
-
-var express = require('../../lib/express')
-  , stylus = require('stylus');
-
-var app = express.createServer();
-
-// $ npm install stylus
-
-// completely optional, however
-// the compile function allows you to
-// define additional functions exposed to Stylus,
-// alter settings, etc
-
-function compile(str, path) {
-  return stylus(str)
-    .set('filename', path)
-    .set('compress', true);
-};
-
-// add the stylus middleware, which re-compiles when
-// a stylesheet has changed, compiling FROM src,
-// TO dest. dest is optional, defaulting to src
-
-app.use(stylus.middleware({
-    src: __dirname + '/views'
-  , dest: __dirname + '/public'
-  , compile: compile
-}));
-
-
-// minimal setup both reading and writting to ./public
-// would look like:
-//   app.use(stylus.middleware({ src: __dirname + '/public' }));
-
-// the middleware itself does not serve the static
-// css files, so we need to expose them with staticProvider
-
-app.use(express.static(__dirname + '/public'));
-
-app.set('views', __dirname + '/views');
-
-app.get('/', function(req, res){
-  res.render('index.jade');
-});
-
-app.listen(3000);
-console.log('server listening on port 3000');

examples/stylus/public/.gitignore

@@ -1 +0,0 @@
-*.css

examples/stylus/views/index.jade

@@ -1,2 +0,0 @@
-h1 Stylus
-p Just an example of using Stylus with Express.

examples/stylus/views/layout.jade

@@ -1,6 +0,0 @@
-html
-  head
-    title Stylus Example
-    link(rel='stylesheet', href='/reset.css')
-    link(rel='stylesheet', href='/main.css')
-  body!= body

examples/stylus/views/main.styl

@@ -1,8 +0,0 @@
-
-body
-  font 14px helvetica, arial, sans-serif
-  padding 50px
-  h1
-    font-size 50px
-  p
-    margin 15px 0

examples/vhost/index.js

@@ -3,13 +3,13 @@
  * Module dependencies.
  */
 
-var express = require('../../lib/express');
+var express = require('../..');
 
 // Edit /etc/vhosts
 
 // First app
 
-var one = express.createServer();
+var one = express();
 
 one.use(express.logger());
 
@@ -23,7 +23,7 @@ one.get('/:sub', function(req, res){
 
 // App two
 
-var two = express.createServer();
+var two = express();
 
 two.get('/', function(req, res){
   res.send('Hello from app two!')
@@ -31,7 +31,7 @@ two.get('/', function(req, res){
 
 // Redirect app
 
-var redirect = express.createServer();
+var redirect = express();
 
 redirect.all('*', function(req, res){
   console.log(req.subdomains);
@@ -40,7 +40,7 @@ redirect.all('*', function(req, res){
 
 // Main app
 
-var app = express.createServer();
+var app = express();
 
 app.use(express.vhost('*.localhost', redirect))
 app.use(express.vhost('localhost', one));

lib/express.js

@@ -23,7 +23,7 @@ exports = module.exports = createApplication;
  * Framework version.
  */
 
-exports.version = '3.0.0rc1';
+exports.version = '3.0.0rc2';
 
 /**
  * Expose mime.
@@ -60,10 +60,19 @@ for (var key in connect.middleware) {
 }
 
 /**
- * Backwards compat.
+ * Error on createServer().
  */
 
-exports.createServer = createApplication;
+exports.createServer = function(){
+  console.warn('Warning: express.createServer() is deprecated, express');
+  console.warn('applications no longer inherit from http.Server,');
+  console.warn('please use:');
+  console.warn('');
+  console.warn('  var express = require("express");');
+  console.warn('  var app = express();');
+  console.warn('');
+  return createApplication();
+};
 
 /**
  * Expose the prototypes.

lib/response.js

@@ -621,7 +621,8 @@ res.redirect = function(url){
     },
 
     html: function(){
-      body = '<p>' + statusCodes[status] + '. Redirecting to <a href="' + url + '">' + url + '</a></p>';
+      var u = utils.escape(url);
+      body = '<p>' + statusCodes[status] + '. Redirecting to <a href="' + u + '">' + u + '</a></p>';
     },
 
     default: function(){

package.json

@@ -1,7 +1,7 @@
 {
   "name": "express",
   "description": "Sinatra inspired web development framework",
-  "version": "3.0.0rc1",
+  "version": "3.0.0rc2",
   "author": "TJ Holowaychuk <tj@vision-media.ca>",
   "contributors": [ 
     { "name": "TJ Holowaychuk", "email": "tj@vision-media.ca" }, 
@@ -10,7 +10,7 @@
     { "name": "Guillermo Rauch", "email": "rauchg@gmail.com" }
   ],
   "dependencies": {
-    "connect": "2.4.1",
+    "connect": "2.4.2",
     "commander": "0.6.1",
     "range-parser": "0.0.4",
     "mkdirp": "0.3.3",

test/res.redirect.js

@@ -232,6 +232,23 @@ describe('res', function(){
         done();
       })
     })
+
+    it('should escape the url', function(done){
+      var app = express();
+
+      app.use(function(req, res){
+        res.redirect('<lame>');
+      });
+
+      request(app)
+      .get('/')
+      .set('Host', 'http://example.com')
+      .set('Accept', 'text/html')
+      .end(function(err, res){
+        res.text.should.equal('<p>Moved Temporarily. Redirecting to <a href="//http://example.com/&lt;lame&gt;">//http://example.com/&lt;lame&gt;</a></p>');
+        done();
+      })
+    })
   })
   
   describe('when accepting text', function(){