- deps: cookie-signature@1.0.6
- deps: uid-safe@1.1.0
- Use
crypto.randomBytes, if available - deps: base64-url@1.2.1
- Use
- deps: uid-safe@1.0.3
- Fix error branch that would throw
- deps: base64-url@1.2.0
- deps: uid-safe@1.0.2
- Remove dependency on
mz
- Remove dependency on
- Add
store.touchinterface for session stores - Fix
MemoryStoreexpiration withresave: false - deps: debug@~2.1.1
- Fix error when
req.sessionIDcontains a non-string value
- deps: crc@3.2.1
- Minor fixes
- Remove unnecessary empty write call
- Fixes Node.js 0.11.14 behavior change
- Helps work-around Node.js 0.10.1 zlib bug
- deps: debug@~2.1.0
- Implement
DEBUG_FDenv variable support
- Implement
- deps: depd@~1.0.0
- Use
crcinstead ofbuffer-crc32for speed - deps: depd@0.4.5
- Keep
req.session.savenon-enumerable - Prevent session prototype methods from being overwritten
- Do not resave already-saved session at end of request
- deps: cookie-signature@1.0.5
- deps: debug@~2.0.0
- Fix exception on
res.end(null)calls
- Fix parsing original URL
- deps: on-headers@~1.0.0
- deps: parseurl@~1.3.0
- Fix response end delay for non-chunked responses
- Fix
res.endpatch to call correct upstreamres.write
- deps: depd@0.4.4
- Work-around v8 generating empty stack traces
- deps: depd@0.4.3
- Fix exception when global
Error.stackTraceLimitis too low
- Fix exception when global
- Improve session-ending error handling
- Errors are passed to
next(err)instead ofconsole.error
- Errors are passed to
- deps: debug@1.0.4
- deps: depd@0.4.2
- Add
TRACE_DEPRECATIONenvironment variable - Remove non-standard grey color from color output
- Support
--no-deprecationargument - Support
--trace-deprecationargument
- Add
- Do not require
req.originalUrl - deps: debug@1.0.3
- Add support for multiple wildcards in namespaces
- Fix blank responses for stores with synchronous operations
- Fix resave deprecation message
- Fix confusing option deprecation messages
- Fix saveUninitialized deprecation message
- Add deprecation message to undefined
resaveoption - Add deprecation message to undefined
saveUninitializedoption - Fix
res.endpatch to return correct value - Fix
res.endpatch to handle multipleres.endcalls - Reject cookies with missing signatures
- deps: cookie-signature@1.0.4
- fix for timing attacks
- Move hard-to-track-down
req.secretdeprecation message
- Debug name is now "express-session"
- Deprecate integration with
cookie-parsermiddleware - Deprecate looking for secret in
req.secret - Directly read cookies;
cookie-parserno longer required - Directly set cookies;
res.cookieno longer required - Generate session IDs with
uid-safe, faster and even less collisions
- Add
genidoption to generate custom session IDs - Add
saveUninitializedoption to control saving uninitialized sessions - Add
unsetoption to control unsettingreq.session - Generate session IDs with
rand-tokenby default; reduce collisions - deps: buffer-crc32@0.2.3
- Add description in package for npmjs.org listing
- Integrate with express "trust proxy" by default
- deps: debug@1.0.2
- Fix
resavesuch thatresave: trueworks
- Add
resaveoption to control saving unmodified sessions
- Add
nameoption; replacement forkeyoption - Use
setImmediatein MemoryStore for node.js >= 0.10
- deps: debug@0.8.1
- Use
res.cookie()instead ofres.setHeader() - deps: cookie@0.1.2
- Add missing dependency to
package.json
- Add missing dependencies to
package.json
- Genesis from
connect