Commit Graph

244 Commits

Author SHA1 Message Date
Diana Lau b5e9abdc45 3.0.0
* Allow safeFields to work with arrays (shimks)
 * run lint (shimks)
 * drop node 4 from travis and update dependencies (shimks)
2018-06-11 20:41:32 -04:00
Kyusung Shim 0a39f8466a
Merge pull request #73 from strongloop/array-safefields
Allow safeFields to work with arrays
2018-06-11 11:11:33 -04:00
shimks 7828534804 Allow safeFields to work with arrays
Co-authored-by: Miroslav Bajtos <mbajtoss@gmail.com>
2018-06-08 15:01:45 -04:00
Kyusung Shim a431cf54fa
Merge pull request #74 from strongloop/drop-node-4
Drop node 4, update dependencies and status on maintenance
2018-06-08 14:59:58 -04:00
shimks b7b3961ff2 run lint 2018-06-07 12:47:21 -04:00
shimks 56d26b377e drop node 4 from travis and update dependencies 2018-06-07 12:47:13 -04:00
Miroslav Bajtoš 3ec47f84fd
2.3.2
* Undefined safeFields revert to data #71 (Zak Barbuto)
2018-03-05 09:58:43 +01:00
Miroslav Bajtoš 93792910c9
Merge pull request #72 from strongloop/fix/71-safe-fields-defaults
Undefined safeFields revert to data #71
2018-03-05 09:58:12 +01:00
Zak Barbuto 0ce15b2d27 Undefined safeFields revert to data #71 2018-03-05 14:09:51 +10:30
Miroslav Bajtoš d17d2a9551
2.3.1
* Escape strings in HTML output (XSS fix) (Zachery Metcalf)
 * Update LICENSE.md (Diana Lau)
2018-01-25 14:38:01 +01:00
Miroslav Bajtoš 89b6183704
Merge pull request #69 from superhumane/xss_fix
Escape strings in HTML output (XSS fix)
2018-01-25 14:37:30 +01:00
Zachery Metcalf 35328be26b
Escape strings in HTML output (XSS fix)
Modify the template producing HTML error responses to correctly
escape all strings that are possibly coming from the client making the
request. Before this change, the error responses were vulnerable to XSS
(cross-site scripting) attacks.
2018-01-25 14:16:24 +01:00
Diana Lau 4c69370751
Update LICENSE.md 2017-11-10 23:32:39 -05:00
Miroslav Bajtoš 1117948629
2.3.0
* update strong-globalize to 3.1.0 (shimks)
 * CODEOWNERS: add zbarbuto (Miroslav Bajtoš)
 * Update Issue and PR Templates (#59) (Sakib Hasan)
 * fixed json typo of server/middleware.json (karanssj4)
 * Add CODEOWNER file (Diana Lau)
2017-10-13 13:15:58 +02:00
Miroslav Bajtoš 61505f3dd1 Merge pull request #64 from strongloop/update-strong-globalize
update strong-globalize to 3.1.0
2017-10-13 13:15:13 +02:00
shimks b4ec4e7645 update strong-globalize to 3.1.0 2017-10-12 22:54:27 -04:00
Miroslav Bajtoš 8979744cd5 Merge pull request #62 from strongloop/welcome-zbarbuto
CODEOWNERS: add zbarbuto
2017-09-27 11:11:30 +02:00
Miroslav Bajtoš 7d0682e7ae CODEOWNERS: add zbarbuto 2017-09-25 09:58:12 +02:00
Sakib Hasan 0ee193bb61 Update Issue and PR Templates (#59)
* update issue template

* update pr template
2017-08-16 11:24:49 -04:00
Miroslav Bajtoš 0bb801bed6 Merge pull request #58 from karanssj4/patch-1
fix json typo of server/middleware.json
2017-08-02 14:06:43 +02:00
karanssj4 99e69336d9 fixed json typo of server/middleware.json
the json format is valid now
2017-08-02 14:21:49 +05:30
Diana Lau 5acee7e873 Merge pull request #57 from strongloop/add-codeowner
Add CODEOWNER file
2017-07-26 20:45:32 -04:00
Diana Lau 69eb7209c5 Add CODEOWNER file 2017-07-25 20:37:59 -04:00
Miroslav Bajtoš 3bf59a7d17
2.2.0
* Add new option: negotiateContentType (Raj)
2017-07-20 10:27:02 +02:00
Miroslav Bajtoš 68e0aa58d1 Merge pull request #55 from charanrajtc/added-response-format-option
Add contentType option for passing mandatory type
2017-07-20 10:26:37 +02:00
Raj 4d973929c1
Add new option: negotiateContentType
The option controls whether response content type is negotiated with
the client and it's enabled by default.
2017-07-20 10:19:29 +02:00
Miroslav Bajtoš 323cd4dfbf
2.1.0
* Bump js2xmlparser dependency to version 3.0.0 (Matthew O'Donoghue)
2017-04-18 15:34:51 +02:00
Miroslav Bajtoš 93c7d05a41 Merge pull request #53 from mattyod/bump-js2xml-version
Bump js2xmlparser dependency to version 3.0.0
2017-04-18 15:33:19 +02:00
Matthew O'Donoghue 24ece6d9d5 Bump js2xmlparser dependency to version 3.0.0 2017-04-13 11:21:08 +01:00
Miroslav Bajtoš 7fbb7e6439
2.0.0
* Fix markdown formatting in README (Miroslav Bajtoš)
 * Fix the order of arguments in the jsdoc comment. (Charlie Schliesser)
 * Update readme with added XML support (David Cheung)
 * Add a machine-readable "code" property (Zak Barbuto)
 * Upgrade dependencies to their latest versions (Miroslav Bajtoš)
 * Describe "safeFields" option in README (Zak Barbuto)
 * Drop support for Node v0.10/v0.12 (Miroslav Bajtoš)
2017-03-22 10:05:23 +01:00
Miroslav Bajtoš c24e6be174 Merge pull request #50 from strongloop/fix-README-markdown-1
Fix markdown formatting in README
2017-03-22 10:03:55 +01:00
Miroslav Bajtoš 095ee9d1bd Fix markdown formatting in README 2017-03-22 09:49:22 +01:00
Miroslav Bajtoš 37cb2ce938 Merge pull request #49 from charlie-s/issue-46
Fix order of arguments in jsdoc comment of negotiateContentProducer.
2017-03-13 17:21:04 +01:00
Charlie Schliesser f96e7433d8 Fix the order of arguments in the jsdoc comment. 2017-03-13 10:46:10 -05:00
David Cheung afeedcc7b2 Merge pull request #44 from strongloop/update-readme-xml-support
Update readme with added XML support
2017-02-01 14:13:30 -05:00
David Cheung 1878aca979 Update readme with added XML support 2017-02-01 11:12:13 -05:00
Miroslav Bajtoš fb68b611c1 Merge pull request #38 from zbarbuto/error-code-prop
Add machine readable code property
2017-02-01 16:26:05 +01:00
Zak Barbuto 382fffc8b0 Add a machine-readable "code" property
Include `error.code` in 4xx responses.
2017-02-01 10:10:20 +01:00
Miroslav Bajtoš 4dddf78354 Merge pull request #43 from strongloop/update/deps
Upgrade dependencies to their latest versions
2017-02-01 09:49:47 +01:00
Miroslav Bajtoš 461867de1d Upgrade dependencies to their latest versions
Also:

 - fix linting errors after upgrading eslint-config-loopback
 - fix a bug discovered by eslint where uknown `?_format`
   was throwing an unhandled error
2017-02-01 09:24:21 +01:00
Miroslav Bajtoš 425364e2fa Merge pull request #41 from zbarbuto/safe_fields_desc
Safe fields property description
2017-01-31 12:42:25 +01:00
Zak Barbuto 9e576ce041 Describe "safeFields" option in README 2017-01-31 11:13:45 +01:00
Miroslav Bajtoš bd7af70585 Merge pull request #42 from strongloop/drop-support-for-legacy-node-versions
[SEMVER-MAJOR] Drop support for Node v0.10/v0.12
2017-01-31 09:43:46 +01:00
Miroslav Bajtoš 05d8844399 Drop support for Node v0.10/v0.12
Also add Node 7 to .travis.yml.
2017-01-31 09:31:51 +01:00
Miroslav Bajtoš c8845ff448 1.2.1
* Stop adding safeFields to original options arg (Miroslav Bajtoš)
2017-01-30 15:05:14 +01:00
Miroslav Bajtoš cbde9551ec Merge pull request #39 from strongloop/fix/immutable-options
Stop adding safeFields to original options arg
2017-01-30 15:04:53 +01:00
Miroslav Bajtoš 936e2d4838 Stop adding safeFields to original options arg 2017-01-30 14:48:38 +01:00
Miroslav Bajtoš e6126d1548 1.2.0
* Support options.safeFields (Zak Barbuto)
 * Readme cleanup (#36) (Rand McKinney)
 * xml support added (Ahmet Ozisik)
 * Update paid support URL (Siddhi Pai)
 * Downstream ignore dashboard-controller (Simon Ho)
 * Update pt translation file (Candy)
 * Make the examples more clear (Amir Jafarian)
 * Fix readme (Amir Jafarian)
2017-01-30 14:16:24 +01:00
Miroslav Bajtoš 51395209fe Merge pull request #37 from zbarbuto/safe_fields7
Allow specifying safeFields
2017-01-30 14:08:31 +01:00
Zak Barbuto 4e3f6eb6cc Support options.safeFields 2017-01-30 13:51:34 +01:00