3.10.2

deps: connect@2.19.3
3.10.1
2026-02-27 11:09:29 +00:00 · 2014-06-03 21:35:34 -04:00 · 2014-06-03 21:33:55 -04:00 · 2014-06-03 16:45:09 -04:00 · 2014-06-03 16:44:29 -04:00 · 2014-06-03 16:42:49 -04:00
5 changed files with 35 additions and 29 deletions
--- a/History.md
+++ b/History.md
@@ -1,3 +1,30 @@
+3.10.2 / 2014-06-03
+===================
+
+ * deps: connect@2.19.3
+   - deps: compression@1.0.6
+
+3.10.1 / 2014-06-03
+===================
+
+ * deps: connect@2.19.2
+   - deps: compression@1.0.4
+ * deps: proxy-addr@1.0.1
+
+3.10.0 / 2014-06-02
+===================
+
+ * deps: connect@2.19.1
+   - deprecate `methodOverride()` -- use `method-override` module directly
+   - deps: body-parser@1.3.0
+   - deps: method-override@2.0.1
+   - deps: multiparty@3.2.8
+   - deps: response-time@2.0.0
+   - deps: serve-static@1.2.1
+ * deps: methods@1.0.1
+ * deps: send@0.4.1
+   - Send `max-age` in `Cache-Control` in correct format
+
 3.9.0 / 2014-05-30
 ==================

--- a/lib/response.js
+++ b/lib/response.js
@@ -2,6 +2,7 @@
 * Module dependencies.
 */

+var escapeHtml = require('escape-html');
 var http = require('http')
  , path = require('path')
  , connect = require('connect')
@@ -744,7 +745,7 @@ res.redirect = function(url){
    },

    html: function(){
-      var u = utils.escape(url);
+      var u = escapeHtml(url);
      body = '<p>' + statusCodes[status] + '. Redirecting to <a href="' + u + '">' + u + '</a></p>';
    },

--- a/lib/utils.js
+++ b/lib/utils.js
@@ -322,22 +322,6 @@ function acceptParams(str, index) {
  return ret;
 }

-/**
- * Escape special characters in the given string of html.
- *
- * @param  {String} html
- * @return {String}
- * @api private
- */
-
-exports.escape = function(html) {
-  return String(html)
-    .replace(/&/g, '&amp;')
-    .replace(/"/g, '&quot;')
-    .replace(/</g, '&lt;')
-    .replace(/>/g, '&gt;');
-};
-
 /**
 * Normalize the given path string,
 * returning a regular expression.
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
  "name": "express",
  "description": "Sinatra inspired web development framework",
-  "version": "3.9.0",
+  "version": "3.10.2",
  "author": "TJ Holowaychuk <tj@vision-media.ca>",
  "contributors": [
    {
@@ -48,14 +48,15 @@
  "license": "MIT",
  "dependencies": {
    "buffer-crc32": "0.2.1",
-    "connect": "2.18.0",
+    "connect": "2.19.3",
    "commander": "1.3.2",
-    "methods": "1.0.0",
+    "escape-html": "1.0.1",
+    "methods": "1.0.1",
    "mkdirp": "0.5.0",
    "parseurl": "1.0.1",
-    "proxy-addr": "1.0.0",
+    "proxy-addr": "1.0.1",
    "range-parser": "1.0.0",
-    "send": "0.4.0",
+    "send": "0.4.1",
    "cookie": "0.1.2",
    "fresh": "0.2.2",
    "cookie-signature": "1.0.3",
--- a/test/utils.js
+++ b/test/utils.js
@@ -94,13 +94,6 @@ describe('utils.flatten(arr)', function(){
  })
 })

-describe('utils.escape(html)', function(){
-  it('should escape html entities', function(){
-    utils.escape('<script>foo & "bar"')
-      .should.equal('&lt;script&gt;foo &amp; &quot;bar&quot;')
-  })
-})
-
 describe('utils.parseParams(str)', function(){
  it('should default quality to 1', function(){
    utils.parseParams('text/html')
Author	SHA1	Message	Date
Douglas Christopher Wilson	c919b4a573	3.10.2	2014-06-03 21:35:34 -04:00
Douglas Christopher Wilson	fe6f392c2d	deps: connect@2.19.3	2014-06-03 21:33:55 -04:00
Douglas Christopher Wilson	3b34a537ee	3.10.1	2014-06-03 16:45:09 -04:00
Douglas Christopher Wilson	ad79ce9c4b	deps: connect@2.19.2	2014-06-03 16:44:29 -04:00
Douglas Christopher Wilson	721f6388c3	deps: proxy-addr@1.0.1	2014-06-03 16:42:49 -04:00
Douglas Christopher Wilson	298ac11018	3.10.0	2014-06-03 00:40:27 -04:00
Douglas Christopher Wilson	bb6e207336	deps: connect@2.19.1	2014-06-03 00:37:57 -04:00
Douglas Christopher Wilson	f433b7c7cf	replace utils.escape with html-escape	2014-06-03 00:37:32 -04:00
Douglas Christopher Wilson	a94278abd1	deps: send@0.4.1	2014-06-02 21:31:23 -04:00
Douglas Christopher Wilson	a7cd5a2553	deps: methods@1.0.1	2014-06-02 19:19:56 -04:00