github/socket.io
1
1
Fork 0
mirror of https://github.com/socketio/socket.io.git synced 2026-01-13 00:48:12 -05:00
Code Issues Packages Projects Releases Wiki Activity
1,736 Commits 24 Branches 205 Tags
2.5.1
Commit Graph

1736 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Damien Arrachequesne
88b2cdb6ab chore(release): 2.5.1 
Release notes: https://github.com/socketio/socket.io/releases/tag/2.5.1
Diff: https://github.com/socketio/socket.io/compare/2.5.0...2.5.1
2.5.1 		2024-06-19 10:48:24 +02:00
Damien Arrachequesne
d30630ba10 fix: add a noop handler for the error event 
Backported from main: 15af22fc22
 2024-06-19 10:46:29 +02:00
Damien Arrachequesne
f927ba29ef test: fix tests on Node.js > 18 
Reference: https://nodejs.org/api/buffer.html#class-blob
 2024-06-19 10:44:04 +02:00
Damien Arrachequesne
baa6804440 chore(release): 2.5.0 
Release notes: https://github.com/socketio/socket.io/releases/tag/2.5.0
Diff: https://github.com/socketio/socket.io/compare/2.4.1...2.5.0
2.5.0 		2022-06-26 09:49:21 +02:00
Damien Arrachequesne
f223178eb6 fix: prevent the socket from joining a room after disconnection 
Calling `socket.join()` after disconnection would lead to a memory
leak, because the room was never removed from the memory:

```js
io.on("connection", (socket) => {
  socket.disconnect();
  socket.join("room1"); // leak
});
```

Related:

- https://github.com/socketio/socket.io/issues/4067
- https://github.com/socketio/socket.io/issues/4380

Backported from 18f3fdab12
 2022-06-26 08:54:51 +02:00
Damien Arrachequesne
226cc16165 fix: only set 'connected' to true after middleware execution 
The Socket instance is only considered connected when the "connection"
event is emitted, and not during the middleware(s) execution.

```js
io.use((socket, next) => {
  console.log(socket.connected); // prints "false"
  next();
});

io.on("connection", (socket) => {
  console.log(socket.connected); // prints "true"
});
```

Related: https://github.com/socketio/socket.io/issues/4129

Backported from 02b0f73e2c
 2022-06-26 08:46:28 +02:00
Damien Arrachequesne
05e1278cfa fix: fix race condition in dynamic namespaces 
Using an async operation with `io.use()` could lead to the creation of
several instances of a same namespace, each of them overriding the
previous one.

Example:

```js
io.use(async (nsp, auth, next) => {
  await anOperationThatTakesSomeTime();
  next();
});
```

Related: https://github.com/socketio/socket.io/issues/4136

Backported from 9d86397243
 2022-06-26 08:41:16 +02:00
Damien Arrachequesne
22d4bdf00d fix: ignore packet received after disconnection 
Related: https://github.com/socketio/socket.io/issues/3095

Backported from 494c64e44f
 2022-06-26 08:35:42 +02:00
Damien Arrachequesne
dfded53593 chore: update engine.io version to 3.6.0 
Release notes: https://github.com/socketio/engine.io/releases/tag/3.6.0
Diff: https://github.com/socketio/engine.io/compare/3.5.0...3.6.0
 2022-06-26 08:13:06 +02:00
Damien Arrachequesne
e6b869738c chore(release): 2.4.1 
Diff: https://github.com/socketio/socket.io/compare/2.4.0...2.4.1
2.4.1 		2021-01-07 10:59:46 +01:00
Damien Arrachequesne
a169050947 revert: fix(security): do not allow all origins by default 
This reverts commit f78a575f66.

This commit contains a breaking change which deviates from semver,
which we try to follow as closely as possible. That's why this change
is reverted and we will rather suggest users to upgrade to v3.

Related: https://github.com/socketio/socket.io/discussions/3741
 2021-01-07 10:51:55 +01:00
Damien Arrachequesne
873fdc55ed chore(release): 2.4.0 
Diff: https://github.com/socketio/socket.io/compare/2.3.0...2.4.0
2.4.0 		2021-01-05 00:27:13 +01:00
Damien Arrachequesne
f78a575f66 fix(security): do not allow all origins by default 
BREAKING CHANGE: previously, all origins were allowed by default, which
meant that a Socket.IO server sent the necessary CORS headers
(`Access-Control-Allow-xxx`) to any domain by default.

Please note that you are not impacted if:

- you are using Socket.IO v2 and the `origins` option to restrict the list of allowed domains
- you are using Socket.IO v3 (disabled by default)

This commit also removes the support for '*' matchers and protocol-less
URL:

```
io.origins('https://example.com:443'); => io.origins(['https://example.com']);
io.origins('localhost:3000');          => io.origins(['http://localhost:3000']);
io.origins('http://localhost:*');      => io.origins(['http://localhost:3000']);
io.origins('*:3000');                  => io.origins(['http://localhost:3000']);
```

To restore the previous behavior (please use with caution):

```js
io.origins((_, callback) => {
  callback(null, true);
});
```

See also:

- https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
- https://socket.io/docs/v3/handling-cors/
- https://socket.io/docs/v3/migrating-from-2-x-to-3-0/#CORS-handling

Thanks a lot to https://github.com/ni8walk3r for the security report.
 2021-01-04 22:34:09 +01:00
Sebastiaan Marynissen
d33a619905 fix: properly overwrite the query sent in the handshake 
The `query` option of the Manager had the priority over the one of the
Socket instance, which meant updating the Socket#query object on the
client-side was not reflected in the Socket#handshake object on the
server-side.

Please note that the behavior of the `query` option is still a bit
weird in Socket.IO v2, as it only applies to non-default namespace.
This is fixed in v3:

- https://socket.io/docs/v3/migrating-from-2-x-to-3-0/#Add-a-clear-distinction-between-the-Manager-query-option-and-the-Socket-query-option
- https://socket.io/docs/v3/middlewares/#Sending-credentials

Fixes https://github.com/socketio/socket.io/issues/3495
 2021-01-04 11:34:24 +01:00
Damien Arrachequesne
3951a79359 chore: bump engine.io version 
Diff: https://github.com/socketio/engine.io/compare/3.4.2...3.5.0
 2021-01-04 10:50:13 +01:00
Damien Arrachequesne
6fa026fc94 ci: migrate to GitHub Actions 
Due to the recent changes to the Travis CI platform (see [1]), we will
now use GitHub Actions to run the tests.

Reference: https://docs.github.com/en/free-pro-team@latest/actions/guides/building-and-testing-nodejs

[1]: https://blog.travis-ci.com/2020-11-02-travis-ci-new-billing
 2021-01-04 10:46:44 +01:00
Damien Arrachequesne
47161a65d4 [chore] Release 2.3.0 
Diff: https://github.com/socketio/socket.io/compare/2.2.0...2.3.0
2.3.0 		2019-09-20 12:18:39 +02:00
Damien Arrachequesne
cf39362014 [chore] Bump socket.io-parser to version 3.4.0 
Diff: https://github.com/socketio/socket.io-parser/compare/3.3.0...3.4.0
 2019-09-20 11:04:11 +02:00
flaambe
4d01b2c84c test: remove deprecated Buffer usage (#3481) 2019-09-20 10:50:12 +02:00
Jonatan Juárez
82271921db [docs] Fix the default value of the 'origins' parameter (#3464) 
Fix documentation about default origins value. The default should read `*:*` instead of `*
 2019-09-20 10:37:54 +02:00
Damien Arrachequesne
1150eb50e9 [chore] Bump engine.io to version 3.4.0 
Diff: https://github.com/socketio/engine.io/compare/3.3.1...3.4.0
 2019-09-20 10:31:25 +02:00
Grant Timmerman
9c1e73c752 [chore] Update the license of the chat example (#3410) 
There was no obvious reason to use BSD instead of MIT for that very basic chat app.

Closes #3411
 2019-03-15 22:22:22 +01:00
Damien Arrachequesne
df05b73bb9 [chore] Release 2.2.0 2.2.0 2018-11-29 00:00:45 +01:00
Markko Legonkov
b00ae50be6 [feat] Add cache-control header when serving the client source (#2907) 2018-11-20 08:02:04 +01:00
Nadir Hussain Laskar
d3c653d876 [docs] Add Touch Support to the whiteboard example (#3104) 2018-11-20 08:01:09 +01:00
Antonio
a7fbd1ac4a [fix] Throw an error when trying to access the clients of a dynamic namespace (#3355) 
Accessing the clients of a dynamic namespace throws because doing `io.of(/your-regex/g)` returns a namespace with no adapter and the clients methods tries to access `namespace.adapter.clients`.
 2018-11-20 07:40:11 +01:00
Damien Arrachequesne
190d22b46e [chore] Bump dependencies 
- engine.io: https://github.com/socketio/engine.io/compare/3.2.0...3.3.1
- socket.io-parser: https://github.com/socketio/socket.io-parser/compare/3.2.0..3.3.0
 2018-11-20 07:33:41 +01:00
Damien Arrachequesne
7b8fba7ea2 [test] Update Travis configuration 
Reference: https://github.com/nodejs/Release
 2018-11-20 07:32:39 +01:00
Emmanuel DEMEY
e5f0ceaee0 [docs] Use new JavaScript syntax inside the README (#3360) 2018-11-08 00:26:54 +01:00
Damien Arrachequesne
7e35f901b8 [docs] fix this scope in the chat example 
`user is typing` messages were not properly removed

Closes #3291
 2018-08-28 09:05:44 +02:00
Damien Arrachequesne
2dbec77a38 [chore] Update issue template 2018-08-21 13:21:14 +02:00
Andrew Stelmach
d97d873aee [docs] update README.md (#3309) 2018-08-18 23:32:07 +02:00
Damien Arrachequesne
e0b2cb0c5a [chore] Release 2.1.1 2.1.1 2018-05-17 23:22:49 +02:00
Sleiman Sleiman
1decae341c [feat] Add local flag to the socket object (#3219) 
To match the behaviour on the namespace (see #2628).
 2018-04-27 13:03:25 +02:00
Donut
0279c47c8c [docs] Convert the chat example to ES6 (#3227) 2018-04-27 13:00:27 +02:00
Damien Arrachequesne
2917942b3e [docs] Clarify private messaging in the emit cheatsheet (#3232) 
The previous version was confusing, as `socket.to(socket.id).emit()` does nothing.

Fixes #3220
 2018-04-27 12:50:31 +02:00
Damien Arrachequesne
db831a3de4 [chore] Release 2.1.0 2.1.0 2018-03-29 23:30:03 +02:00
Damien Arrachequesne
ac945d1eba [feat] Add support for dynamic namespaces (#3195) 
This follows #3187, with a slightly different API.

A dynamic namespace can be created with:

```js
io.of(/^\/dynamic-\d+$/).on('connect', (socket) => { /* ... */ });
```
 2018-03-29 23:08:08 +02:00
Scott Gress
ad0c052eff [docs] Add note in docs for origins(fn) about error needing to be a string. (#2895) 2018-03-10 09:03:28 +01:00
Damien Arrachequesne
1f1d64bab6 [fix] Include the protocol in the origins check (#3198) 
Previously, the protocol was not taken in account, which caused the following behaviour:

```js
io.origins('https://foo.example.com:443'); // ok as a string
io.origins(['https://foo.example.com:443'); // not ok as an array
```

Fixes #3190
 2018-03-10 08:56:42 +01:00
Damien Arrachequesne
f4fc517e0f [fix] Properly emit 'connect' when using a custom namespace (#3197) 
When using a custom namespace with a middleware, the client did not receive the 'connect' event.

Fixes #3082
 2018-03-10 08:51:22 +01:00
Jumper Chen
be61ba0a20 [docs] Add link to a Dart client implementation (#2940) 2018-03-01 00:23:45 +01:00
Damien Arrachequesne
c0c79f019e [feat] Add support for dynamic namespaces (#3187) 2018-03-01 00:22:16 +01:00
Damien Arrachequesne
dea5214f21 [chore] Bump superagent and supertest versions (#3186) 2018-02-28 23:19:19 +01:00
Damien Arrachequesne
b1941d5dfe [chore] Bump engine.io to version 3.2.0 2018-02-28 23:10:40 +01:00
Miguel Piedrafita
a23007a635 [docs] Update license year (#3153) 2018-02-28 23:03:02 +01:00
Damien Arrachequesne
f48a06c040 [feat] Add a 'binary' flag (#3185) 
So that the call to the `has-binary` method can be skipped. Usage:

```
// with binary data
socket.binary(true).emit("binary", obj);

// without binary data
socket.binary(false).emit("string", obj);

// call to hasBin
socket.emit("guess", obj);
```
 2018-02-28 23:00:16 +01:00
Damien Arrachequesne
0539a2c4fd [test] Update travis configuration 2018-02-28 22:56:28 +01:00
Devlin Pajaron
c06ac071d0 [docs] Fix typo (#3157) 2018-02-25 09:26:24 +01:00
Damien Arrachequesne
52b09609db [chore] Bump debug to version 3.1.0 2018-02-25 09:22:40 +01:00