All Versions
57
Latest Version
Avg Release Cycle
444 days
Latest Release
1559 days ago
Changelog History
Page 2
Changelog History
Page 2
-
v1.1.1 Changes
February 25, 2015- ๐ Make sure the client ID associated with a WebSocket is not dropped, so the socket can be closed properly
- ๐ Handle cases where a JSON-P endpoint returns no response argument
- Stop trying to retry messages after the client has been disconnected
- โ Remove duplication of the client ID in EventSource URLs
-
v1.1.0 Changes
December 22, 2014- ๐ Allow the server and client to use WebSocket extensions, for example permessage-deflate
- Support the
HTTP_PROXY
andHTTPS_PROXY
environment variables to send all client connections through an HTTP proxy - โฑ Introduce the
Scheduler
API to allow the user to control message retries - โ Add the
attempts
anddeadline
options toClient#publish()
- Let
RackAdapter
take a block that yields the instance, so extensions can be added to middleware - ๐ Allow monitoring listeners to see the
clientId
on publishd messages but still avoid sending it to subscribers - Return a promise from
Client#disconnect()
- ๐ Fix client-side retry bugs causing the client to flood the server with duplicate messages
- ๐ Send all transport types in the
supportedConnectionTypes
handshake parameter - Don't close WebSockets when the client recovers from an error and sends a new
clientId
- Replace
cookiejar
withtough-cookie
to avoid global variable leaks
-
v1.0.4 Changes
April 28, 2020- ๐ Fix
/meta/*
channel recognition bug in the server that enables authentication bypass
- ๐ Fix
-
v1.0.3 Changes
July 08, 2014- ๐ Make some changes to JSON-P responses to mitigate the Rosetta Flash attack
- http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/
-
v1.0.2
July 08, 2014 -
v1.0.1 Changes
December 10, 2013- โ Add
Adapter#close()
method for gracefully shutting down the server - ๐ Fix error recover bug in WebSocket that made transport cycle through
up
/down
state - โก๏ธ Update Promise implementation to pass
promises-aplus-tests 2.0
- ๐ Correct some incorrect variable names in the Ruby transports
- ๐ Make logging methods public to fix a problem on Ruby 2.1
- โ Add
-
v1.0.0 Changes
October 01, 2013- Client changes:
- Allow clients to be instantiated with URI objects rather than strings
- Add a
ca
option to the NodeClient
class for passing in trusted server certificates - Objects supporting the
callback()
method in JavaScript are now Promises - Fix protocol-relative URI parsing in the client
- Remove the
getClientId()
andgetState()
methods from theClient
class
- Transport changes:
- Add request-size limiting to all batching transports
- Make the WebSocket transport more robust against quiet network periods and clients going to sleep
- Support cookies across all transports when using the client on Node.js or Ruby
- Support custom headers in the
cross-origin-long-polling
and server-sidewebsocket
transports
- Adapter changes:
- Support the
rack.hijack
streaming API - Migrate to MultiJson for JSON handling on Ruby, allowing use of JRuby
- Escape U+2028 and U+2029 in JSON-P output
- Fix a bug stopping requests being routed when the mount point is
/
- Fix various bugs that cause errors to be thrown if we try to send a message over a closed socket
- Remove the
listen()
method fromAdapter
in favour of using server-specific APIs
- Support the
- Server changes:
- Use cryptographically secure random number generators to create client IDs
- Allow extensions to access request properties by using 3-ary methods
- Objects supporting the
bind()
method now implement the fullEventEmitter
API - Stop the server from forwarding the
clientId
property of published messages
- Miscellaneous:
- Support Browserify by returning the client module
Faye.logger
can now be a logger object rather than a function
- Client changes:
-
v0.8.11 Changes
July 08, 2014- ๐ Make some changes to JSON-P responses to mitigate the Rosetta Flash attack
- http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/
-
v0.8.10
-
v0.8.9 Changes
February 26, 2013- Specify ciphers for SSL on Node to mitigate the BEAST attack
- Mitigate increased risk of socket hang-up errors in Node v0.8.20
- ๐ Fix race condition when processing outgoing extensions in the Node server
- ๐ Fix problem loading the client script when using
{mount: '/'}
- Clean up connection objects when a WebSocket is re-used with a new clientId
- All JavaScript code now runs in strict mode
- Select transport on handshake, instead of on client creation to allow time for
disable()
calls - Do not speculatively open WebSocket/EventSource connections if they are disabled
- Gracefully handle WebSocket messages with no data on the client side
- Close and reconnect WebSocket when onerror is fired, not just when onclose is fired
- ๐ Fix problem with caching of EventSource connections with stale clientIds
- ๐ Don't parse query strings when checking if a URL is same-origin or not